US9578498B2 - Facilitating authentication of access terminal identity - Google Patents

Facilitating authentication of access terminal identity

Info

Publication number
US9578498B2
Application number
US13/577,888
Other versions
US20130036223A1 (en)
Inventor
Zhimin Du
Yan Li
Current Assignee
Qualcomm Inc
Original Assignee
Qualcomm Inc
Legal status
Expired - Fee Related
Prior art keywords
access terminal
identity
user identity
report message
validation
Events
Application filed by Qualcomm Inc
Publication of US20130036223A1
Assigned to QUALCOMM INCORPORATED. Assignors: LI, YAN; DU, ZHIMIN
Application granted
Publication of US9578498B2
Expired - Fee Related
Classifications

    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04W WIRELESS COMMUNICATION NETWORKS
          • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
            • H04W12/06 Authentication
    • G PHYSICS
      • G06 COMPUTING; CALCULATING OR COUNTING
        • G06F ELECTRIC DIGITAL DATA PROCESSING
          • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
            • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
              • G06F21/44 Program or device authentication
    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
          • H04L63/00 Network architectures or network communication protocols for network security
            • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
              • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
          • H04L63/00 Network architectures or network communication protocols for network security
            • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
              • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
          • H04L63/00 Network architectures or network communication protocols for network security
            • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
              • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
          • H04L63/00 Network architectures or network communication protocols for network security
            • H04L63/12 Applying verification of the received information
              • H04L63/126 Applying verification of the received information the source of the received data
    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
          • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
            • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
              • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04W WIRELESS COMMUNICATION NETWORKS
          • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
            • H04W12/60 Context-dependent security
              • H04W12/69 Identity-dependent
                • H04W12/71 Hardware identity

Definitions

  • Various features disclosed herein pertain generally to wireless communication systems, and at least some features pertain to devices and methods for facilitating the authentication of access terminal identities and usage relationships between access terminal identities and user identities.
  • Access terminals such as mobile phones, pagers, wireless modems, personal digital assistants, personal information managers (PIMs), personal media players, palmtop computers, laptop computers, or any other device with a processor that communicates with other devices through wireless signals are becoming increasingly popular and are used more frequently. Subscribers using such access terminals in a wireless communication network are typically authenticated by the wireless communication network before being granted access to initiate and/or receive calls and transmit and/or receive data.
  • Wireless communication networks authenticate a subscriber by verifying a user identity comprising cryptographic information contained in and provided by, for example, an access terminal's Subscriber Identification Module (SIM) for GSM networks, Universal Subscriber Identification Module (USIM) for UMTS/LTE networks and Removable User Identification Module (RUIM) for CDMA networks.
  • SIMs, USIMs and RUIMs are typically chip and pin based cards that contain information about the subscriber/user of the access terminal and are removable from the access terminal. Users of access terminals equipped with such removable user identity modules are typically able to remove the SIM, USIM or RUIM card from one access terminal and place the card in another access terminal, thereby transferring their subscriber information easily from one access terminal to another.
  • While conventional wireless communication networks are adapted to authenticate the subscriber card (e.g., SIM, USIM, RUIM) being used in an access terminal, it may also be desirable for the wireless communication networks to authenticate the access terminal itself, and deny or allow network access to the access terminal based on the outcome of the access terminal authentication. There are a number of reasons why a network operator would want to authenticate the access terminal in addition to the subscriber card. One common reason includes, for example, authentication of access terminals in order to deter unauthorized manufacturers from producing or refurbishing access terminals that are not approved for use within a wireless communication network (e.g., grey market access terminals).
  • the network operator may deny service to those access terminals produced or refurbished by unauthorized manufacturers that fail to authenticate with valid access terminal identification. Another common reason involves the risks of terrorist attacks carried out in part with the use of unauthorized access terminals. Government entities have recently expressed a strong desire that network operators be able to trace, track, authenticate, and disable all access terminals operating within a network operator's wireless communication network. Having the ability to authenticate an access terminal and deny service accordingly would prove advantageous in stopping criminal activities.
  • in a wireless communication network such as a GSM, WCDMA or TD-SCDMA network, the access terminal identity may comprise an international mobile equipment identity (IMEI); in a wireless communication network such as a CDMA network, it may comprise a mobile equipment identifier (MEID).
  • Access terminals adapted to facilitate such authentication are also provided.
  • These access terminals may comprise a processing circuit coupled to a communications interface adapted to facilitate wireless communications, to a user identity module including a user identity, and to a storage medium.
  • the user identity may comprise an International Mobile Subscriber Identity (IMSI).
  • the user identity module can comprise a removable user identity module such as a Subscriber Identification Module (SIM), a Universal Subscriber Identity Module (USIM), a CDMA Subscriber Identification Module (CSIM) or a Removable User Identification Module (RUIM).
  • the storage medium may include a validation key and an access terminal identity stored therein.
  • the access terminal identity can comprise one of an International Mobile Equipment Identity (IMEI) or a Mobile Equipment Identity (MEID).
  • the processing circuit may be adapted to determine that the user identity from the user identity module is not recorded for use with the access terminal.
  • the processing circuit may generate a report message including the user identity and the access terminal identity.
  • the report message may be generated in response to receipt of a request transmission or in response to a determination that the user identity has not been recorded for use.
  • the report message can be adapted to report a usage relationship between the user identity and the access terminal identity.
  • the processing circuit may sign the report message with a signature generated using the validation key, where the signature can authenticate that the access terminal is authorized to use the access terminal identity included in the report message.
  • the processing circuit can send a transmission including the signed report message to a validation server. Such a transmission may be sent as one of a Short Messaging Service (SMS) message, a packet-based message, or a signaling message.
  • the processing circuit may be further adapted to receive an acknowledgement via the communications interface, where the acknowledgement indicates that the reported usage relationship between the user identity and the access terminal identity is validated and recorded.
  • the processing circuit may then store the user identity in the storage medium as recorded for use with the access terminal.
  • a method operational on an access terminal is also provided according to a feature.
  • a validation key can be stored in a storage medium.
  • a user identity from a user identity module in the access terminal can be determined to not be recorded for use with the access terminal.
  • a report message may be generated, which includes the user identity and an access terminal identity.
  • the report message can be adapted to report a usage relationship between the user identity and the access terminal identity.
  • the report message may be signed with a signature generated based on the validation key, where the signature is adapted to authenticate that the access terminal is authorized to use the access terminal identity included in the report message.
  • the signed report message can be sent in a transmission to a validation server.
  • Validation servers adapted to facilitate the authentication of access terminal identities and usage relationships between access terminal identities and user identities are also provided.
  • Such validation servers may comprise a communications interface adapted to facilitate wireless communications, a storage medium, and a processing circuit coupled to the communications interface and the storage medium.
  • the communications interface, storage medium and processing circuit may be implemented integral with an equipment identity register (EIR).
  • the processing circuit may be adapted to receive and store a validation key in the storage medium.
  • the processing circuit may receive a transmission from an access terminal, via the communications interface.
  • the transmission may include a report message reporting a usage relationship between an access terminal identity and a user identity in the access terminal, where the report message is signed with a signature.
  • the processing circuit may authenticate the signature of the report message using the validation key to verify that the access terminal is authorized to use the access terminal identity included in the report message.
  • the processing circuit may be further adapted to record the usage relationship between the access terminal identity and the user identity in a database accessible to the EIR.
  • the processing circuit when implemented integral with the EIR, may also be adapted to receive via the communications interface a validation request transmission including the user identity and the access terminal identity from a network entity, query the database for a record verifying a valid usage relationship between the user identity and the access terminal identity, determine the access terminal to be authorized if a record in the database verifies the usage relationship between the user identity and the access terminal identity, and determine the access terminal to be unauthorized if a record in the database disproves the usage relationship or if no record in the database verifies the usage relationship between the user identity and the access terminal identity.
  • a method operational on a validation server is also provided according to a feature.
  • a validation key may be received and stored in a storage medium.
  • a transmission may be received from an access terminal, which transmission may include a report message reporting a usage relationship between an access terminal identity and a user identity in the access terminal, where the report message is signed with a signature.
  • the signature of the report message may be authenticated using the validation key to verify that the access terminal is authorized to use the access terminal identity included in the report message.
  • Such methods may further include recording the usage relationship between the access terminal identity and the user identity in a database accessible to an equipment identity register (EIR).
  • a validation request transmission including the user identity and the access terminal identity may be received from an entity of a communication network.
  • a database may be queried for a record verifying a usage relationship between the user identity and the access terminal identity. If a record verifies the usage relationship between the user identity and the access terminal identity, the access terminal may be determined as authorized. If, on the other hand, a record in the database disproves the usage relationship or if no record in the database verifies the usage relationship between the user identity and the access terminal identity, the access terminal may be determined to be unauthorized.
  • FIG. 1 is a block diagram illustrating an example of a wireless communication system in which one or more implementations of the present disclosure can find application.
  • FIG. 2 is a block diagram illustrating an example of a network environment for authenticating an access terminal's identity and recording a usage relationship between the access terminal's identity and a subscriber's identity.
  • FIG. 3 is a flow diagram illustrating an example of provisioning a validation key in one or more access terminals and in the validation server.
  • FIG. 4 (comprising FIGS. 4A and 4B ) is a flow diagram illustrating an example of authenticating an access terminal identity and recording a relationship between the access terminal identity and a user identity.
  • FIG. 5 is a block diagram illustrating select components of an access terminal according to at least one implementation.
  • FIG. 6 is a flow diagram illustrating an example of at least one implementation of a method operational on an access terminal, such as the access terminal of FIG. 5 .
  • FIG. 7 is a block diagram illustrating select components of a validation server according to at least one implementation.
  • FIG. 8 is a flow diagram illustrating an example of at least one implementation of a method operational on a validation server, such as the validation server of FIG. 7 .
  • The terms “base station” and “access terminal” as used herein are meant to be interpreted broadly.
  • a “base station” may refer to a device that facilitates wireless connectivity (for one or more access terminals) to a communication or data network.
  • base stations may include base station transceivers (BTS), Node-B devices, femto cells, pico cells, etc.
  • an “access terminal” may include mobile phones, pagers, wireless modems, personal digital assistants, personal information managers (PIMs), personal media players, palmtop computers, laptop computers, and/or other mobile communication/computing devices which communicate, at least partially, through a wireless or cellular network.
  • An access terminal may initially be provisioned with a validation key originating from an administration authority. During operation, the access terminal may determine that a user identity from a user identity module in the access terminal is not currently recorded for use with the access terminal. The access terminal may generate a report message that includes the user identity and the access terminal's identity to report a usage relationship between the user identity and the access terminal identity. The report message is signed with a signature that is generated based on the validation key to authenticate that the access terminal is an authorized user of the access terminal identity. The access terminal then sends the report message to a validation server.
  • a validation server may be provisioned with a validation key originating from an administration authority.
  • the validation server may receive a report message from an access terminal, where the report message reports a usage relationship between an access terminal identity and a user identity from a user identity module in the access terminal.
  • the report message is signed with a signature that is authenticated by the validation server using the validation key. Since the validation key used by the access terminal to sign the report message is only available via authorized vendors, an authenticated signature indicates that the access terminal identity sent by the access terminal is valid and that the access terminal is an authorized device.
  • the validation server can record the usage relationship between the access terminal identity and the user identity in a database that is accessible to an equipment identity register (EIR) so that a network entity can validate that the access terminal is authorized for use on the network.
  • FIG. 1 is a block diagram illustrating an example of a wireless communication system 10 in which one or more implementations of the present disclosure can find application.
  • a wireless communication network 10 generally includes a plurality of access terminals (also called remote stations, mobile stations, subscriber units, or user equipment) 12 a - 12 d , a plurality of base stations (also called base station transceivers (BTS), Node-B devices, femto cells, pico cells, etc.) 14 a - 14 c , a base station controller (BSC) (also called radio network controller or packet control function) 16 , a mobile switching center (MSC) or switch 18 , a packet data serving node (PDSN) or internetworking function (IWF) 20 , a public switched telephone network (PSTN) 22 (typically a telephone company), and a packet switched data network 24 (typically an Internet Protocol (IP) network).
  • the wireless communication network 10 may also include access network authentication, authorization and accounting equipment (AN-AAA) 26 , 28 for providing user account status (normal, shutdown, arrears), and for maintaining and storing such user account information.
  • Four access terminals 12 a - 12 d , three base stations 14 a - 14 c , one BSC 16 , one MSC 18 , and one PDSN 20 are shown. It would be understood by those skilled in the art that there could be any number of access terminals 12 , base stations 14 , BSCs 16 , MSCs 18 , and PDSNs 20 .
  • the wireless communication network 10 is a packet data service network.
  • the access terminals 12 a - 12 d may be any of a number of different types of wireless communication devices such as a portable phone, a cellular telephone that is connected to a laptop computer running IP-based Web-browser applications, a cellular telephone with associated hands-free car kits, a personal data assistant (PDA) running IP-based Web-browser applications, a wireless communication module incorporated into a portable computer, or a fixed location communication module such as might be found in a wireless local loop or meter reading system.
  • access terminals may be any type of communication unit.
  • the access terminals 12 a - 12 d may be configured to perform one or more wireless packet data protocols such as described in, for example, the EIA/TIA/IS-707 standard.
  • the access terminals 12 a - 12 d generate IP packets destined for the IP network 24 and encapsulate the IP packets into frames using a point-to-point protocol (PPP).
  • the IP network 24 is coupled to the PDSN 20
  • the PDSN 20 is coupled to the MSC 18
  • the MSC is coupled to the BSC 16 and the PSTN 22
  • the BSC 16 is coupled to the base stations 14 a - 14 c via wirelines configured for transmission of voice and/or data packets in accordance with any of several known protocols including, e.g., E1, T1, Asynchronous Transfer Mode (ATM), Internet Protocol (IP), Point-to-Point Protocol (PPP), Frame Relay, High-bit-rate Digital Subscriber Line (HDSL), Asymmetric Digital Subscriber Line (ADSL), or other generic digital subscriber line equipment and services (xDSL).
  • the BSC 16 is coupled directly to the PDSN 20
  • the MSC 18 is not coupled to the PDSN 20 .
  • the base stations 14 a - 14 c receive and demodulate sets of reverse link signals from various access terminals 12 a - 12 d engaged in telephone calls, Web browsing, or other data communications. Each reverse link signal received by a given base station 14 a - 14 c is processed within that base station 14 a - 14 c . Each base station 14 a - 14 c may communicate with a plurality of access terminals 12 a - 12 d by modulating and transmitting sets of forward link signals to the access terminals 12 a - 12 d . For example, as shown in FIG. 1 , the base station 14 a communicates with first and second access terminals 12 a , 12 b simultaneously, and the base station 14 c communicates with third and fourth access terminals 12 c , 12 d simultaneously.
  • the resulting packets are forwarded to the BSC 16 , which provides call resource allocation and mobility management functionality including the orchestration of soft handoffs of a call for a particular access terminal 12 a - 12 d from one base station 14 a - 14 c to another base station 14 a - 14 c .
  • an access terminal 12 c is communicating with two base stations 14 b , 14 c simultaneously.
  • if the access terminal 12 c moves far enough away from one of the base stations 14 c , the call will be handed off to the other base station 14 b .
  • the BSC 16 will route the received data to the MSC 18 , which provides additional routing services for interface with the PSTN 22 . If the transmission is a packet-based transmission such as a data call destined for the IP network 24 , the MSC 18 will route the data packets to the PDSN 20 , which will send the packets to the IP network 24 . Alternatively, the BSC 16 will route the packets directly to the PDSN 20 , which sends the packets to the IP network 24 .
  • Each of the access terminals 12 A- 12 D includes an identity.
  • the access terminals 12 A- 12 D may each comprise an international mobile equipment identity (IMEI) number.
  • the access terminals 12 A- 12 D may each comprise a mobile equipment identifier (MEID).
  • each of the access terminals 12 A- 12 D includes a user identity (or subscriber identity) that identifies the subscriber using the particular access terminal.
  • each access terminal 12 A- 12 D may include a removable subscriber identification module (e.g., SIM, USIM, CSIM), or a removable user identification module (RUIM), depending on the particular implementation of the wireless communication network 10 .
  • FIG. 2 is a block diagram illustrating an example of a network environment 200 for authenticating an access terminal's identity and for recording a usage relationship between the access terminal's identity and a subscriber's identity.
  • the network may include a validation server 202 adapted to perform one or more authentication/validation functions of an access terminal 204 .
  • the validation server 202 may be implemented as a part of an equipment identity register (EIR) 206 or can be communicatively connected to an EIR 206 and/or to a database 208 accessible to the EIR 206 .
  • the database 208 includes a plurality of access terminal identities that are either authorized for use (e.g., whitelisted) or unauthorized for use (e.g., blacklisted).
  • the EIR 206 may be deployed in either a centralized or a distributed topology, and may be deployed, for example, by a network operator, a government, and/or an industrial organization.
  • Both the validation server 202 and the access terminal 204 are provided with a validation key originating from an administration authority 210 .
  • a validation key may comprise, for example, a cryptographic key (e.g., an authentication key) or a digital certificate.
  • the administration authority 210 may comprise a trustworthy entity that issues validation keys adapted to certify the ownership of a public key. According to at least one implementation, the administration authority 210 may issue the validation key to an authorized device vendor 212 of the access terminal 204 on request by the vendor 212 .
  • the validation key may be provided by the administration authority 210 as either a vendor-specific validation key or as a model-specific validation key.
  • the validation key may be provided by the administration authority 210 for use with all models of access terminals from the vendor 212 (vendor-specific), or it may be provided for use with only a specific model of access terminals from the vendor 212 (model-specific). In the case where each model is to be assigned with a unique validation key (model-specific), the assignment of the validation key may be performed as part of a device approval process through which the vendor 212 obtains a network-access license from the administration authority 210 for the particular model of access terminal.
  • the vendor 212 can securely store the assigned validation key (or a diversified key derived from the assigned validation key) into its access terminal products. For example, the vendor 212 may load the validation key into a secured storage medium of the access terminal 204 so that the validation key cannot be read out by an attacker.
  • the administration authority 210 also securely provides the validation key (or a diversified key derived from the validation key) to the validation server 202 . In this manner, the access terminal 204 can employ the validation key for signing communications with the validation server 202 , and the validation server 202 can employ the corresponding validation key to verify such signed communications from the access terminal 204 .
  • the access terminal 204 is adapted to identify whether a user identity (e.g., International Mobile Subscriber Identity (IMSI)) associated with a user identity module (e.g., SIM, USIM, RUIM, CSIM) employed with the access terminal 204 is different from a user identity previously recorded for use with the access terminal 204 .
  • the access terminal 204 may generate and send a transmission to the validation server including the user identity (e.g., IMSI) and the identity of the access terminal 204 (e.g., International Mobile Equipment Identity (IMEI), Mobile Equipment Identity (MEID)), which transmission is signed by the access terminal 204 using the validation key.
  • the transmission may be automatically generated and sent by the access terminal 204 upon identifying the new user identity, or the transmission may be requested by the validation server 202 upon some indication that the combination of the user identity and access terminal identity is not currently recorded for use together (e.g., never before been used together, not recently used together, etc.).
  • the validation server 202 receives the transmission via a wireless communication network 214 , which may be similar to the wireless communication network 10 in FIG. 1 .
  • the validation server 202 can authenticate the transmission by validating the signature using the validation key provisioned in the validation server 202 . If the transmission is validated, indicating that the access terminal is an authorized device, the validation server 202 may update the database 208 with the new relationship between the user identity and the access terminal identity. Since access terminals produced by unauthorized vendors, or access terminals attempting to fake an identity (e.g., IMEI, MEID) will not have the validation key, the validation server 202 will be able to identify those access terminals.
  • the EIR 206 can perform a check in the database 208 to determine whether the user identity is authorized for use with the access terminal identity.
  • FIG. 3 is a flow diagram illustrating an example of provisioning a validation key in one or more access terminals and in the validation server.
  • the validation server 202 , an access terminal 204 , the administration authority 210 and vendor 212 of FIG. 2 are used for illustration purposes.
  • the authorized access terminal vendor 212 may send a transmission to the administration authority 210 applying for or requesting a validation key at step 302 .
  • the administration authority 210 may verify the qualification of the vendor 212 , and may securely assign a validation key to the qualifying vendor 212 at step 304 .
  • the administration authority 210 verifies the qualification of the vendor 212 in order to ensure that validation keys are not given to an entity that will use the validation key to circumvent the security provided by the present disclosure.
  • the vendor 212 can securely provision the validation key (or a diversified key derived from the validation key) into the access terminals 204 of the vendor 212 at step 306 .
  • the vendor 212 may load the validation key into a secured storage medium of each access terminal 204 so that the validation key cannot be read out by an attacker. With the vendor 212 securely storing the validation key in each authorized access terminal 204 , unauthorized access terminals will not have the ability to obtain a validation key. Without a validation key, such unauthorized access terminals are unable to circumvent the security measures described herein.
  • the administration authority 210 also securely provisions the validation key (or a diversified key derived from the validation key) into the validation server 202 .
  • the administration authority 210 can communicate with the validation server 202 via a secured or encrypted transmission to provide the validation key to the validation server 202 .
  • the validation server 202 may also store the validation key in a secured storage medium so that the validation key cannot be read out by an attacker.
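The provisioning chain of FIG. 3 (the administration authority qualifies the vendor and assigns a validation key, the vendor loads a diversified key into each terminal's secured storage, and the authority provisions the same vendor key into the validation server) written out as an added Python example; it is not code from the patent. It assumes HMAC-SHA256 in NIST SP 800-108 counter mode as the "known key derivation algorithm" the text leaves open, one validation key per vendor, and constructed vendor names, IMEIs and keys; the class and function names are this example's own.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

# All vendor names, IMEIs and keys in this file are constructed for the example.


def derive_device_key(vendor_key: bytes, imei: str) -> bytes:
    """Diversify the vendor's validation key into a per-terminal key.

    One block of the NIST SP 800-108 counter-mode KDF with HMAC-SHA256:
    K(1) = HMAC(vendor_key, [1]_32 || Label || 0x00 || Context || [L]_32).
    The IMEI is the context, so every terminal gets a different key and
    extracting one terminal's key does not yield the vendor key.
    """
    fixed_input = (b"\x00\x00\x00\x01" + b"AT-validation-key" + b"\x00"
                   + imei.encode() + (256).to_bytes(4, "big"))
    return hmac.new(vendor_key, fixed_input, hashlib.sha256).digest()


@dataclass
class ValidationServer:
    vendor_keys: dict = field(default_factory=dict)   # secured storage (FIG. 7, key 712)

    def provision_key(self, vendor_id: str, key: bytes) -> None:
        self.vendor_keys[vendor_id] = key

    def key_for(self, vendor_id: str, imei: str) -> Optional[bytes]:
        """Re-derive a terminal's key from the vendor key plus the reported IMEI."""
        vendor_key = self.vendor_keys.get(vendor_id)
        return None if vendor_key is None else derive_device_key(vendor_key, imei)


@dataclass
class AdministrationAuthority:
    """Assigns validation keys only to vendors it has qualified (FIG. 3, step 304)."""
    qualified_vendors: set
    server: ValidationServer
    issued: dict = field(default_factory=dict)

    def request_validation_key(self, vendor_id: str) -> Optional[bytes]:
        if vendor_id not in self.qualified_vendors:
            return None                 # refused: an unvetted entity never receives a key
        key = secrets.token_bytes(32)
        self.issued[vendor_id] = key
        self.server.provision_key(vendor_id, key)   # stands in for the secured channel
        return key


@dataclass
class AccessTerminal:
    imei: str
    vendor_id: str
    secured_key: Optional[bytes] = None   # secured storage medium (FIG. 5, key 514)


@dataclass
class Vendor:
    vendor_id: str
    vendor_key: Optional[bytes] = None

    def provision_terminal(self, terminal: AccessTerminal) -> None:
        """Step 306: load a diversified key into the terminal's secured storage."""
        if self.vendor_key is None:
            raise RuntimeError("vendor holds no validation key")
        terminal.secured_key = derive_device_key(self.vendor_key, terminal.imei)


def provisioning_scenario() -> dict:
    """Run the FIG. 3 flow for one qualified vendor and one refused vendor."""
    server = ValidationServer()
    authority = AdministrationAuthority({"VENDOR-A"}, server)

    vendor_a = Vendor("VENDOR-A")
    vendor_a.vendor_key = authority.request_validation_key("VENDOR-A")
    terminal = AccessTerminal(imei="490154203237518", vendor_id="VENDOR-A")
    vendor_a.provision_terminal(terminal)

    refused = authority.request_validation_key("VENDOR-Z")   # not qualified

    return {
        "keys_match": server.key_for("VENDOR-A", terminal.imei) == terminal.secured_key,
        "other_imei_differs": server.key_for("VENDOR-A", "490154203237526") != terminal.secured_key,
        "unqualified_refused": refused is None,
        "unknown_vendor_no_key": server.key_for("VENDOR-Z", terminal.imei) is None,
    }
```

The server never stores per-terminal keys: given the vendor ID and IMEI carried in a later report message it re-derives the terminal's key on demand, which is what lets the FIG. 4 lookup work from identity and vendor information alone.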
  • FIG. 4 is a flow diagram illustrating an example of authenticating an access terminal identity and recording a relationship between the access terminal identity and a user identity.
  • the access terminal 204 , validation server 202 , database 208 and equipment identity register (EIR) 206 of FIG. 2 are used for illustration purposes.
  • the access terminal 204 may read a user identity (e.g., IMSI) from a user identity module at step 402 .
  • the access terminal 204 may be adapted to read the user identity each time the access terminal 204 is powered on.
  • the user identity module comprises a module adapted to store a user identity in such a manner that the user identity can be changed.
  • the user identity module may comprise a removable user identity module (e.g., SIM, USIM, RUIM, CSIM).
  • the user identity module may comprise a module that is not removable, but rather reprogrammable, such as in a non-RUIM adapted access terminal configured for a CDMA adapted communications network.
  • the user identity in the non-removable user identity module can be changed through Over-the-Air Service Provisioning (OTASP) or Over-the-Air Parameter Administration (OTAPA).
  • the access terminal 204 determines whether the user identity is currently recorded for use with the access terminal 204 . For example, the access terminal 204 may compare the user identity read from the user identity module with the user identity employed in the most recent successful registration. That is, the access terminal 204 compares the user identity with the user identity that was last successfully recorded for use with the access terminal 204 . In other implementations, the access terminal 204 may determine whether the user identity has ever been recorded, or has been recorded within a determined period of time, for use with the access terminal 204 .
  • if the user identity is currently recorded, the access terminal 204 may continue with normal operations. However, in response to determining that the user identity is not currently recorded, or optionally in response to a request 406 from the validation server 202 , the access terminal 204 may generate a report message for the validation server 202 at step 408 .
  • the report message includes the identity of both the subscriber (e.g., IMSI) and the access terminal 204 (e.g., IMEI, MEID).
  • the report message can also include additional information, such as one or more of a timestamp, a counter, a vendor ID, a model number, as well as other information.
  • in addition to obtaining the information for the report message, the access terminal 204 generates a signature for the report message based on the validation key 410 . For example, the access terminal 204 may calculate a signature based on the validation key, or on a medium- or session-based key derived from the assigned validation key using any known key derivation algorithm.
  • the access terminal 204 sends a transmission including the signed report message (e.g., signature, access terminal identity and user identity) to the validation server 202 .
  • the access terminal 204 may send the transmission via any means for sending transmissions over a wireless communication network 214 .
  • the transmission can be sent as a short message service (SMS), a packet-based message or a signaling message with a predefined format.
  • the validation server 202 retrieves the validation key associated with the access terminal 204 at step 414 .
  • the validation server 202 may employ the identity of the access terminal 204 (e.g., IMEI, MEID), and/or vendor information associated with the access terminal 204 , if such vendor information is included in the received transmission.
  • the validation server verifies the signature of the report message at step 416 to authenticate that the access terminal 204 is authorized to use the access terminal identity included in the report message.
  • the validation server 202 may update the database 208 to store a record of the new relationship between the identity of the access terminal 204 and the identity of the subscriber, as indicated at step 418 . If, however, the signature is not valid, the validation server 202 may simply ignore the report message.
  • the validation server 202 may send an acknowledgment transmission to the access terminal 204 at step 420 , acknowledging that the signature was verified and/or that the database 208 has been updated.
  • the acknowledgement transmission may be in one of various forms, depending on the form of the report message transmission. If the report message transmission is sent as a short message service (SMS) transmission, the acknowledgement transmission may comprise, for example, a Layer 2 Acknowledgement or SMS Acknowledgement. If the report message transmission is sent as a packet-based message, the acknowledgement transmission may comprise, for example, a TCP Acknowledgment for TCP packet delivery. Furthermore, if the report message transmission is sent as a signaling message, the acknowledgement transmission may comprise, for example, a signaling layer acknowledgement. Alternatively, the validation server 202 may return an explicit Acknowledgement message with pre-defined data format for the report message.
  • upon receipt of the acknowledgement transmission, the access terminal 204 stores the user identity as a user identity recorded for use with the access terminal 204 , as shown at step 422 . The access terminal 204 can then operate under normal use.
  • the access terminal 204 may request access to certain services from the network, or the network (or some entity of the network) may desire to verify the status of the access terminal 204 for one or more particular reasons.
  • one or more entities of the network (e.g., a MSC 18 (see FIG. 1 ) in the mobile switching domain or a Serving GPRS Support Node (SGSN) in the packet switching domain) may send a validation request to the EIR 206 , and the EIR 206 may receive such a request including the identity of the access terminal 204 (e.g., IMEI, MEID) and the identity of the subscriber (e.g., IMSI).
  • the EIR 206 checks the database 208 at step 426 . If the record stored at the database 208 indicates that the identity of the access terminal 204 is associated with and/or authorized for use with the user identity, then the EIR 206 can conclude at step 428 that the access terminal 204 is authorized. Conversely, if the record stored at the database 208 indicates that the identity of the access terminal 204 is not associated with and/or authorized for use with the user identity, then the EIR 206 can conclude at step 428 that the access terminal 204 is not authorized for use with the network.
  • any access terminal that reports a user identity to the network that is not recorded for use with the access terminal identity can be determined to be an unauthorized or illegal access terminal and can be blocked from using the network.
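The FIG. 4 exchange end to end (terminal detects a new user identity, builds and signs the report message, the validation server looks up the key, verifies the signature, records the relationship and acknowledges, and the EIR later answers a validation request from the database) as an added Python example; it is not code from the patent. It assumes HMAC-SHA256 over a canonical JSON encoding stands in for the "signature based on the validation key" (the text also lists asymmetric schemes, with which the server would hold only a verifying key), one validation key per vendor, and that the counter the text mentions is strictly increasing so the server can drop replayed reports; identities, keys and timestamps are constructed, and all names are this example's own.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field
from typing import Optional

# Every IMSI, IMEI, key and timestamp below is constructed for the example.


def canonical_bytes(report: dict) -> bytes:
    """Deterministic encoding so both sides authenticate exactly the same bytes."""
    return json.dumps(report, sort_keys=True, separators=(",", ":")).encode()


def sign_report(report: dict, validation_key: bytes) -> str:
    # HMAC-SHA256 stands in for the signature based on the validation key.
    return hmac.new(validation_key, canonical_bytes(report), hashlib.sha256).hexdigest()


@dataclass
class RelationshipDatabase:
    """Database 208: user identities recorded for each access terminal identity."""
    records: dict = field(default_factory=dict)        # imei -> set of imsi
    last_counter: dict = field(default_factory=dict)   # imei -> highest counter accepted

    def record(self, imei: str, imsi: str) -> None:
        self.records.setdefault(imei, set()).add(imsi)

    def is_recorded(self, imei: str, imsi: str) -> bool:
        return imsi in self.records.get(imei, set())


@dataclass
class AccessTerminal:
    imei: str
    vendor_id: str
    validation_key: Optional[bytes]          # None models a terminal that never got a key
    recorded_imsi: Optional[str] = None      # last identity successfully recorded (step 422)
    counter: int = 0

    def power_on(self, imsi: str, now: int) -> Optional[dict]:
        """Steps 402-412: read the IMSI, compare with the recorded one, report a change."""
        if imsi == self.recorded_imsi:
            return None                      # already recorded: normal operation
        self.counter += 1
        report = {"imsi": imsi, "imei": self.imei, "vendor_id": self.vendor_id,
                  "counter": self.counter, "timestamp": now}
        key = self.validation_key or b""     # without the key the signature cannot be right
        return {"report": report, "signature": sign_report(report, key)}

    def receive_ack(self, ack: Optional[dict]) -> None:
        if ack and ack.get("status") == "recorded":
            self.recorded_imsi = ack["imsi"]


@dataclass
class ValidationServer:
    vendor_keys: dict                        # provisioned by the administration authority
    db: RelationshipDatabase

    def handle(self, transmission: dict) -> Optional[dict]:
        """Steps 414-420: retrieve the key, verify the signature, record, acknowledge."""
        report = transmission["report"]
        key = self.vendor_keys.get(report.get("vendor_id"))
        if key is None:
            return None                      # no key for this vendor: ignore the report
        if not hmac.compare_digest(sign_report(report, key), transmission["signature"]):
            return None                      # invalid signature: simply ignore
        imei = report["imei"]
        if report["counter"] <= self.db.last_counter.get(imei, 0):
            return None                      # replayed or stale report (assumed counter rule)
        self.db.last_counter[imei] = report["counter"]
        self.db.record(imei, report["imsi"])
        return {"status": "recorded", "imei": imei, "imsi": report["imsi"]}


@dataclass
class EquipmentIdentityRegister:
    db: RelationshipDatabase

    def is_authorized(self, imei: str, imsi: str) -> bool:
        """Steps 424-428: answer a network entity's validation request from the database."""
        return self.db.is_recorded(imei, imsi)


def scenario() -> dict:
    vendor_key = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
    db = RelationshipDatabase()
    server = ValidationServer({"VENDOR-A": vendor_key}, db)
    eir = EquipmentIdentityRegister(db)

    genuine = AccessTerminal("490154203237518", "VENDOR-A", vendor_key)
    tx = genuine.power_on("310150123456789", now=1_300_000_000)   # new SIM inserted
    genuine.receive_ack(server.handle(tx))
    second_boot = genuine.power_on("310150123456789", now=1_300_000_600)

    forger = AccessTerminal("490154203237518", "VENDOR-A", None)   # same IMEI, no key
    forged_ack = server.handle(forger.power_on("310150999999999", now=1_300_000_700))
    replayed_ack = server.handle(tx)                                # genuine report replayed

    return {
        "genuine_recorded": genuine.recorded_imsi == "310150123456789",
        "no_report_when_recorded": second_boot is None,
        "eir_accepts_genuine": eir.is_authorized("490154203237518", "310150123456789"),
        "forged_ignored": forged_ack is None,
        "eir_rejects_forged_pair": not eir.is_authorized("490154203237518", "310150999999999"),
        "replay_ignored": replayed_ack is None,
    }
```

Two details matter for a deployment of this flow: the signature must cover the whole report (identity pair, vendor ID, counter, timestamp) under a canonical encoding, otherwise an attacker can alter unsigned fields, and the server must compare signatures in constant time, as `hmac.compare_digest` does here. The counter rule is this example's assumption; the patent only says the report can carry a counter and timestamp.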
  • FIG. 5 is a block diagram illustrating select components of an access terminal 500 according to at least one implementation.
  • the access terminal 500 may include a processing circuit 502 coupled to a communications interface 504 , a storage medium 506 , and a user identity module 508 .
  • the processing circuit 502 is arranged to obtain, process and/or send data, control data access and storage, issue commands, and control other desired operations.
  • the processing circuit 502 may comprise circuitry configured to implement desired programming provided by appropriate media in at least one embodiment.
  • the processing circuit 502 may be implemented as one or more of a processor, a controller, a plurality of processors and/or other structure configured to execute executable instructions including, for example, software and/or firmware instructions, and/or hardware circuitry.
  • Embodiments of the processing circuit 502 may include a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic component, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein.
  • a general purpose processor may be a microprocessor but, in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine.
  • a processor may also be implemented as a combination of computing components, such as a combination of a DSP and a microprocessor, a number of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
  • These examples of the processing circuit 502 are for illustration and other suitable configurations within the scope of the present disclosure are also contemplated.
  • the communications interface 504 is configured to facilitate wireless communications of the access terminal 500 .
  • the communications interface 504 may include at least one transmitter 510 and/or at least one receiver 512 (e.g., one or more transmitter/receiver chains). Furthermore, one or more antennas (not shown) may be electrically coupled to the communications interface 504 .
  • the storage medium 506 may represent one or more devices for storing programming and/or data, such as processor executable code or instructions (e.g., software, firmware), electronic data, databases, or other digital information. According to at least one embodiment, one or more of such devices comprising the storage medium 506 may comprise a secured storage device.
  • the storage medium 506 may be any available media that can be accessed by a general purpose or special purpose processor.
  • the storage medium 506 may include read-only memory (e.g., ROM, EPROM, EEPROM), random access memory (RAM), magnetic disk storage mediums, optical storage mediums, flash memory devices, and/or other non-transitory computer-readable mediums for storing information.
  • the storage medium 506 may be coupled to the processing circuit 502 such that the processing circuit 502 can read information from, and write information to, the storage medium 506 .
  • the storage medium 506 or at least a portion thereof, may be integral to the processing circuit 502 .
  • the storage medium 506 may include a validation key 514 stored therein.
  • the validation key 514 can be provisioned by a vendor 212 (see FIG. 2 ) within a secured portion of the storage medium 506 .
  • the validation key 514 may comprise, for example, a cryptographic key (e.g., an authentication key) or a digital certificate.
  • the storage medium 506 may also include an access terminal identity 516 stored therein.
  • the access terminal identity 516 may comprise, for example, an International Mobile Equipment Identity (IMEI) or a Mobile Equipment Identity (MEID).
  • the user identity module 508 is adapted to securely store a user identity, such as an International Mobile Subscriber Identity (IMSI).
  • the user identity module 508 may comprise a removable user identity module 508 such that a user can remove and insert different user identity modules 508 as desired.
  • a removable user identity module may include, for example, a SIM, USIM, CSIM, or RUIM.
  • the user identity module 508 may comprise a programmable user identity module 508 .
  • An example of such a programmable user identity module 508 includes a module for securely storing a user identity that is employed in a CDMA adapted access terminal that does not use a RUIM.
  • Such a programmable user identity module 508 can be programmed with a new or updated user identity with Over-the-Air Service Provisioning (OTASP) or Over-the-Air Parameter Administration (OTAPA).
  • the processing circuit 502 may be adapted to perform any or all of the processes, functions, steps and/or routines related to the various access terminals as described herein above with reference to FIGS. 1-4 (e.g., access terminal 12A-12D and/or 204 ).
  • the term “adapted” in relation to the processing circuit 502 may refer to the processing circuit 502 being one or more of configured, employed, implemented, or programmed to perform a particular process, function, step and/or routine according to various features.
  • FIG. 6 is a flow diagram illustrating an example of at least one implementation of a method operational on an access terminal, such as the access terminal 500 .
  • a validation key may be received from an authorized vendor and stored in a storage medium at step 602 .
  • the validation key 514 can be provisioned into a secured portion of the storage medium 506 by the authorized vendor (such as the vendor 212 in FIG. 2 ).
  • the processing circuit 502 may be adapted to receive the validation key 514 from an authorized vendor, and then store the received validation key 514 in the storage medium 506 .
  • the processing circuit 502 can read the user identity from the user identity module 508 .
  • the processing circuit 502 can then compare the user identity to a user identity stored by the access terminal 500 as a user identity that is recorded for use with the access terminal 500 .
  • the processing circuit 502 may compare the user identity from the user identity module 508 to a user identity last recorded for use with the access terminal 500 and stored in the storage medium 506 .
  • if the user identity is recorded for use with the access terminal 500 at 604 , the access terminal 500 can begin standard operations at step 606 . However, if it is determined that the user identity is not recorded for use with the access terminal at 604 , a report message may be generated to report a usage relationship between the user identity and the access terminal's identity at step 608 . In some implementations, the report message may be generated automatically in response to the determination that the user identity is not recorded for use with the access terminal 500 . In other implementations, the report message may be generated in response to a request received from a validation server. As an example, the processing circuit 502 can generate a report message that includes the user identity from the user identity module 508 and the access terminal identity 516 .
  • the report message is adapted to report to a validation server (such as the validation server 202 in FIG. 2 ) the usage relationship between the user identity and the access terminal identity 516 .
  • the report message may be generated to also include additional information, such as one or more of a timestamp, a counter, a vendor ID, a model number, as well as other information.
  • the access terminal signs the report message with a generated signature based on the validation key at step 610 .
  • the processing circuit 502 can generate a signature based on the validation key 514 using an algorithm for generating such a digital signature.
  • the processing circuit 502 can be adapted to employ one or more conventional digital signature algorithms to generate the signature, including an RSA-based signature scheme, DSA, ElGamal signature scheme, Schnorr signature, Pointcheval-Stern signature algorithm, Rabin signature algorithm, a pairing-based signature scheme (e.g., BLS signature scheme), as well as other conventional signature schemes or algorithms.
  • a transmission is sent to a validation server that includes the signed report message at step 612 .
  • the processing circuit 502 can transmit the signed report message via the communications interface 504 .
  • the processing circuit 502 may transmit the signed report message as one of a short messaging service (SMS), a packet-based message or a signaling message.
  • if the transmission is unsuccessful, the processing circuit 502 can be adapted to resend the transmission. If the transmission is successful, the access terminal may receive an acknowledgement message from the validation server at step 614 .
  • the acknowledgement message can indicate that the usage relationship between the user identity and the access terminal identity is validated and recorded.
  • the processing circuit 502 may receive the acknowledgement report via the communications interface 504 .
  • the acknowledgement message can be received as a transmission type corresponding to the report message transmission.
  • the acknowledgement transmission may comprise a Layer 2 Acknowledgement or SMS Acknowledgement (corresponding to a SMS report message transmission), a TCP Acknowledgment (corresponding to a packet-based report message transmission), or a signaling layer acknowledgement (corresponding to a report message transmission as a signaling message).
  • the validation server may return an explicit Acknowledgement message with pre-defined data format for the report message.
  • the access terminal 500 may store the user identity at step 616 with an indication that the user identity is recorded for use with the access terminal 500 .
  • the processing circuit 502 may store the user identity in the storage medium 506 with some indication that the user identity has been recorded for use with the access terminal 500 .
  • the access terminal 500 may commence standard use at 606 .
  • FIG. 7 is a block diagram illustrating select components of a validation server according to at least one implementation.
  • a validation server 700 may include a processing circuit 702 coupled to a communications interface 704 and to a storage medium 706 .
  • the processing circuit 702 is arranged to obtain, process and/or send data, control data access and storage, issue commands, and control other desired operations.
  • the processing circuit 702 may comprise circuitry configured to implement desired programming provided by appropriate media in at least one embodiment.
  • the processing circuit 702 may be implemented as one or more of a processor, a controller, a plurality of processors and/or other structure configured to execute executable instructions including, for example, software and/or firmware instructions, and/or hardware circuitry.
  • Embodiments of the processing circuit 702 may include a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic component, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein.
  • a general purpose processor may be a microprocessor but, in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine.
  • a processor may also be implemented as a combination of computing components, such as a combination of a DSP and a microprocessor, a number of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
  • These examples of the processing circuit 702 are for illustration and other suitable configurations within the scope of the present disclosure are also contemplated.
  • the communications interface 704 is configured to facilitate wireless communications of the validation server 700 .
  • the communications interface 704 may include at least one transmitter 708 and/or at least one receiver 710 (e.g., one or more transmitter/receiver chains). Furthermore, one or more antennas (not shown) may be electrically coupled to the communications interface 704 .
  • the storage medium 706 may represent one or more devices for storing programming and/or data, such as processor executable code or instructions (e.g., software, firmware), electronic data, databases, or other digital information. According to one or more embodiments, at least one of such devices comprising the storage medium 706 may comprise a secured storage device.
  • the storage medium 706 may be any available media that can be accessed by a general purpose or special purpose processor.
  • the storage medium 706 may include read-only memory (e.g., ROM, EPROM, EEPROM), random access memory (RAM), magnetic disk storage mediums, optical storage mediums, flash memory devices, and/or other non-transitory computer-readable mediums for storing information.
  • the storage medium 706 may be coupled to the processing circuit 702 such that the processing circuit 702 can read information from, and write information to, the storage medium 706 .
  • the storage medium 706 or at least a portion thereof, may be integral to the processing circuit 702 .
  • the storage medium 706 may include a validation key 712 stored therein.
  • the validation key 712 can be provisioned by an administration authority 210 (see FIG. 2 ) into a secured portion of the storage medium 706 .
  • the validation key 712 corresponds to a validation key provisioned in one or more access terminals by an authorized vendor.
  • the validation key 712 may correspond to a type of access terminal or an identity of the vendor, as well as some combination of the two.
  • the validation key 712 may comprise, for example, a cryptographic key (e.g., an authentication key) or a digital certificate.
  • the validation server 700 may be implemented integral with an equipment identity register (EIR).
  • one or more of the processing circuit 702 , the storage medium 706 or the communications interface 704 may be implemented as part of, or integrated into an EIR, such as EIR 206 in FIG. 2 .
  • the processing circuit 702 may be adapted to perform any or all of the processes, functions, steps and/or routines related to the various validation servers as described herein above with reference to FIGS. 1-4 (e.g., validation server 202 ).
  • the term “adapted” in relation to the processing circuit 702 may refer to the processing circuit 702 being one or more of configured, employed, implemented, or programmed to perform a particular process, function, step and/or routine according to various features.
  • FIG. 8 is a flow diagram illustrating an example of at least one implementation of a method operational on a validation server, such as validation server 700 .
  • a validation key originating from an administration authority may be received at the validation server and stored in a storage medium at step 802 .
  • the processing circuit 702 may receive the validation key, and may store the validation key in the storage medium 706 .
  • the validation key may indicate that it corresponds to a validation key provisioned in a plurality of access terminals.
  • the validation server 700 may receive a transmission from an access terminal at step 804 .
  • the transmission includes a report message adapted to report a usage relationship between an access terminal identity and a user identity in the access terminal.
  • the report message is also signed with a signature.
  • the processing circuit 702 may receive the transmission via the communications interface 704 .
  • Such a transmission may be received, in at least some implementations, as one of a Short Messaging Service (SMS) message, a packet-based message, or a signaling message.
  • the validation server 700 authenticates the signature of the report message using the validation key. Authenticating the signature verifies to the validation server 700 that the access terminal is authorized to use the access terminal identity included in the report message.
  • the processing circuit 702 may employ one or more conventional algorithms to authenticate the digital signature included with the report message using the validation key 712 .
  • to identify the proper validation key 712 , the processing circuit 702 may read, for example, the access terminal identity and/or vendor information associated with the access terminal (if included in the report message). Once the proper validation key 712 is identified, the processing circuit 702 can retrieve it from the storage medium 706 and apply it to authenticate the signature.
  • the validation server may, at step 808 , record the usage relationship between the access terminal identity and the user identity in a database that is accessible to an equipment identity register (EIR), such as EIR 206 in FIG. 2 .
  • the processing circuit 702 may receive via the communications interface 704 a validation request transmission from an entity of a network, which validation request transmission includes a user identity and an access terminal identity. The processing circuit 702 may then query the database for a record verifying a valid usage relationship between the user identity and the access terminal identity. If a record in the database verifies the usage relationship, the processing circuit 702 may determine the access terminal to be authorized.
  • if no record in the database verifies the usage relationship, the processing circuit 702 may determine the access terminal to be unauthorized and may deny the access terminal access to the requesting network.
  • the validation server 700 may send an acknowledgement message to the access terminal acknowledging receipt and authentication of the report message, at step 810 .
  • the processing circuit 702 may generate and send the acknowledgement message via the communications interface 704 .
  • the acknowledgement message may be sent as a transmission type corresponding to the report message transmission.
  • the acknowledgement transmission may comprise a Layer 2 Acknowledgement or SMS Acknowledgement (corresponding to a SMS report message transmission), a TCP Acknowledgment (corresponding to a packet-based report message transmission), or a signaling layer acknowledgement (corresponding to a report message transmission as a signaling message).
  • the validation server may return an explicit Acknowledgement message with pre-defined data format for the report message.
  • the components, steps, features and/or functions illustrated in FIGS. 1, 2, 3, 4, 5, 6, 7 , and/or 8 may be rearranged and/or combined into a single component, step, feature or function or embodied in several components, steps, or functions. Additional elements, components, steps, and/or functions may also be added without departing from the scope of the present disclosure.
  • the apparatus, devices and/or components illustrated in FIGS. 1, 2, 5 and/or 7 may be configured to perform one or more of the methods, features, or steps described in FIGS. 3, 4 (comprising 4 A and 4 B), 6 and/or 8 .
  • the novel algorithms described herein may also be efficiently implemented in software and/or embedded in hardware.
  • a process is terminated when its operations are completed.
  • a process may correspond to a method, a function, a procedure, a subroutine, a subprogram, etc.
  • when a process corresponds to a function, its termination corresponds to a return of the function to the calling function or the main function.
  • embodiments may be implemented by hardware, software, firmware, middleware, microcode, or any combination thereof.
  • the program code or code segments to perform the necessary tasks may be stored in a machine-readable medium such as a storage medium or other storage(s).
  • a processor may perform the necessary tasks.
  • a code segment may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a class, or any combination of instructions, data structures, or program statements.
  • a code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters, or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
  • machine-readable media may include, but are not limited to, portable or fixed storage devices, optical storage devices, and various other non-transitory mediums capable of storing, containing or carrying instruction(s) and/or data.
  • various methods described herein may be partially or fully implemented by instructions and/or data that may be stored in a “machine-readable medium”, “computer-readable medium”, and/or “processor-readable medium” and executed by one or more processors, machines and/or devices.
  • a software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
  • a storage medium may be coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor.

Abstract

Methods and apparatuses are provided for facilitating authentication of access terminal identities and for recording a usage relationship between a valid access terminal identity and a user identity. An access terminal and a validation server are both provisioned with corresponding validation keys. The access terminal may determine that a user identity is not recorded for use with the access terminal, and may send a report message to report a usage relationship between the access terminal identity and the user identity, where the report message is signed with a signature based on the validation key. The validation server authenticates the signature using the validation key in the validation server. The validation server may record the usage relationship between the authenticated access terminal identity and the user identity in a database, which database records may be employed to determine whether an access terminal requesting network access is authorized or unauthorized.

Description

CLAIM OF PRIORITY
The present application for patent claims priority to Chinese Patent Application No. 201010131514.2 entitled “Method and Apparatus for Administration and Validation of Communication Device's Identity” filed Mar. 16, 2010, and assigned to the assignee hereof and hereby expressly incorporated by reference herein in its entirety.
BACKGROUND
Field
Various features disclosed herein pertain generally to wireless communication systems, and at least some features pertain to devices and methods for facilitating the authentication of access terminal identities and usage relationships between access terminal identities and user identities.
Background
Access terminals, such as mobile phones, pagers, wireless modems, personal digital assistants, personal information managers (PIMs), personal media players, palmtop computers, laptop computers, or any other device with a processor that communicates with other devices through wireless signals are becoming increasingly popular and are used more frequently. Subscribers using such access terminals in a wireless communication network are typically authenticated by the wireless communication network before being granted access to initiate and/or receive calls and transmit and/or receive data. Traditionally, wireless communication networks authenticate a subscriber by verifying a user identity comprising cryptographic information contained in and provided by, for example, an access terminal's Subscriber Identification Module (SIM) for GSM networks, Universal Subscriber Identification Module (USIM) for UMTS/LTE networks and Removable User Identification Module (RUIM) for CDMA networks. These SIMs, USIMs and RUIMs are typically chip and pin based cards that contain information about the subscriber/user of the access terminal and are removable from the access terminal. Users of access terminals equipped with such removable user identity modules are typically able to remove the SIM, USIM or RUIM card from one access terminal and place the card in another access terminal, thereby transferring their subscriber information easily from one access terminal to another.
While conventional wireless communication networks are adapted to authenticate the subscriber card (e.g., SIM, USIM, RUIM) being used in an access terminal, it may also be desirable for the wireless communication networks to authenticate the access terminal itself, and deny or allow network access to the access terminal based on the outcome of the access terminal authentication. There are a number of reasons why a network operator would want to authenticate the access terminal in addition to the subscriber card. One common reason includes, for example, authentication of access terminals in order to deter unauthorized manufacturers from producing or refurbishing access terminals that are not approved for use within a wireless communication network (e.g., grey market access terminals). By utilizing an authentication system that authenticates access terminals, the network operator may deny service to those access terminals produced or refurbished by unauthorized manufacturers that fail to authenticate with valid access terminal identification. Another common reason involves the risks of terrorist attacks carried out in part with the use of unauthorized access terminals. Government entities have recently expressed a strong desire that network operators be able to trace, track, authenticate, and disable all access terminals operating within a network operator's wireless communication network. Having the ability to authenticate an access terminal and deny service accordingly would prove advantageous in stopping criminal activities.
There currently exist mechanisms which enable wireless communication networks to query an access terminal's identity (ID). For example, a wireless communication network (e.g., GSM network, WCDMA network, TD-SCDMA network) may query and check an international mobile equipment identity (IMEI) number for 3GPP-compliant access terminals, or a wireless communication network (e.g., CDMA) may query and check a mobile equipment identifier (MEID) for 3GPP2-compliant access terminals. However, these existing mechanisms for obtaining an access terminal's ID fail to provide any assurance that the ID received from an access terminal actually belongs to that access terminal. For example, an unauthorized access terminal can illegally copy or otherwise obtain the ID of an authorized access terminal, and then provide that pirated ID to the requesting wireless communication network. In such a situation, the conventional wireless communication network is unable to distinguish between an authorized access terminal and an unauthorized access terminal employing a faked ID.
Therefore, there is a need for methods, apparatus, and/or systems that are adapted to both discover and validate the identity of an access terminal.
SUMMARY
Various features facilitate the authentication of access terminal identities and usage relationships between access terminal identities and user identities. One feature provides access terminals adapted to facilitate such authentication. These access terminals may comprise a processing circuit coupled to a communications interface adapted to facilitate wireless communications, to a user identity module including a user identity, and to a storage medium.
The user identity may comprise an International Mobile Subscriber Identity (IMSI). According to some implementations, the user identity module can comprise a removable user identity module such as a Subscriber Identification Module (SIM), a Universal Subscriber Identity Module (USIM), a CDMA Subscriber Identification Module (CSIM) or a Removable User Identification Module (RUIM).
The storage medium may include a validation key and an access terminal identity stored therein. The access terminal identity can comprise one of an International Mobile Equipment Identity (IMEI) or a Mobile Equipment Identity (MEID).
The processing circuit may be adapted to determine that the user identity from the user identity module is not recorded for use with the access terminal. The processing circuit may generate a report message including the user identity and the access terminal identity. The report message may be generated in response to receipt of a request transmission or in response to a determination that the user identity has not been recorded for use. The report message can be adapted to report a usage relationship between the user identity and the access terminal identity. The processing circuit may sign the report message with a signature generated using the validation key, where the signature can authenticate that the access terminal is authorized to use the access terminal identity included in the report message. Using the communications interface, the processing circuit can send a transmission including the signed report message to a validation server. Such a transmission may be sent as one of a Short Messaging Service (SMS) message, a packet-based message, or a signaling message.
According to various embodiments, the processing circuit may be further adapted to receive an acknowledgement via the communications interface, where the acknowledgement indicates that the reported usage relationship between the user identity and the access terminal identity is validated and recorded. The processing circuit may then store the user identity in the storage medium as recorded for use with the access terminal.
A method operational on an access terminal is also provided according to a feature. In at least one implementation of such methods, for instance, a validation key can be stored in a storage medium. A user identity from a user identity module in the access terminal can be determined to not be recorded for use with the access terminal. A report message may be generated, which includes the user identity and an access terminal identity. The report message can be adapted to report a usage relationship between the user identity and the access terminal identity. The report message may be signed with a signature generated based on the validation key, where the signature is adapted to authenticate that the access terminal is authorized to use the access terminal identity included in the report message. The signed report message can be sent in a transmission to a validation server.
Additional features provide validation servers adapted to facilitate the authentication of access terminal identities and usage relationships between access terminal identities and user identities. Such validation servers may comprise a communications interface adapted to facilitate wireless communications, a storage medium, and a processing circuit coupled to the communications interface and the storage medium. The communications interface, storage medium and processing circuit may be implemented integral with an equipment identity register (EIR).
The processing circuit may be adapted to receive and store a validation key in the storage medium. The processing circuit may receive a transmission from an access terminal, via the communications interface. The transmission may include a report message reporting a usage relationship between an access terminal identity and a user identity in the access terminal, where the report message is signed with a signature. The processing circuit may authenticate the signature of the report message using the validation key to verify that the access terminal is authorized to use the access terminal identity included in the report message.
According to some embodiments, the processing circuit may be further adapted to record the usage relationship between the access terminal identity and the user identity in a database accessible to the EIR. The processing circuit, when implemented integral with the EIR, may also be adapted to receive via the communications interface a validation request transmission including the user identity and the access terminal identity from a network entity, query the database for a record verifying a valid usage relationship between the user identity and the access terminal identity, determine the access terminal to be authorized if a record in the database verifies the usage relationship between the user identity and the access terminal identity, and determine the access terminal to be unauthorized if a record in the database disproves the usage relationship or if no record in the database verifies the usage relationship between the user identity and the access terminal identity.
A method operational on a validation server is also provided according to a feature. According to one or more implementations of such methods, a validation key may be received and stored in a storage medium. A transmission may be received from an access terminal, which transmission may include a report message reporting a usage relationship between an access terminal identity and a user identity in the access terminal, where the report message is signed with a signature. The signature of the report message may be authenticated using the validation key to verify that the access terminal is authorized to use the access terminal identity included in the report message.
Such methods may further include recording the usage relationship between the access terminal identity and the user identity in a database accessible to an equipment identity register (EIR). In addition, a validation request transmission including the user identity and the access terminal identity may be received from an entity of a communication network. A database may be queried for a record verifying a usage relationship between the user identity and the access terminal identity. If a record verifies the usage relationship between the user identity and the access terminal identity, the access terminal may be determined as authorized. If, on the other hand, a record in the database disproves the usage relationship or if no record in the database verifies the usage relationship between the user identity and the access terminal identity, the access terminal may be determined to be unauthorized.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram illustrating an example of a wireless communication system in which one or more implementations of the present disclosure can find application.
FIG. 2 is a block diagram illustrating an example of a network environment for authenticating an access terminal's identity and recording a usage relationship between the access terminal's identity and a subscriber's identity.
FIG. 3 is a flow diagram illustrating an example of provisioning a validation key in one or more access terminals and in the validation server.
FIG. 4 (comprising FIGS. 4A and 4B) is a flow diagram illustrating an example of authenticating an access terminal identity and recording a relationship between the access terminal identity and a user identity.
FIG. 5 is a block diagram illustrating select components of an access terminal according to at least one implementation.
FIG. 6 is a flow diagram illustrating an example of at least one implementation of a method operational on an access terminal, such as the access terminal of FIG. 5.
FIG. 7 is a block diagram illustrating select components of a validation server according to at least one implementation.
FIG. 8 is a flow diagram illustrating an example of at least one implementation of a method operational on a validation server, such as the validation server of FIG. 7.
DETAILED DESCRIPTION
In the following description, specific details are given to provide a thorough understanding of the described implementations. However, it will be understood by one of ordinary skill in the art that the implementations may be practiced without these specific details. For example, circuits may be shown in block diagrams in order not to obscure the implementations in unnecessary detail. In other instances, well-known circuits, structures and techniques may be shown in detail in order not to obscure the implementations.
The word “exemplary” is used herein to mean “serving as an example, instance, or illustration.” Any implementation or embodiment described herein as “exemplary” is not necessarily to be construed as preferred or advantageous over other embodiments or implementations. Likewise, the term “embodiments” does not require that all embodiments include the discussed feature, advantage or mode of operation. The term “base station” and “access terminal” as used herein are meant to be interpreted broadly. For example, a “base station” may refer to a device that facilitates wireless connectivity (for one or more access terminals) to a communication or data network. Examples of “base stations” may include base stations transceivers (BTS), Node-B devices, femto cells, pico cells, etc. Furthermore, an “access terminal” may include mobile phones, pagers, wireless modems, personal digital assistants, personal information managers (PIMs), personal media players, palmtop computers, laptop computers, and/or other mobile communication/computing devices which communicate, at least partially, through a wireless or cellular network.
Overview
One feature provides apparatuses and methods for authenticating that an access terminal is authorized to use an access terminal identity. An access terminal may initially be provisioned with a validation key originating from an administration authority. During operation, the access terminal may determine that a user identity from a user identity module in the access terminal is not currently recorded for use with the access terminal. The access terminal may generate a report message that includes the user identity and the access terminal's identity to report a usage relationship between the user identity and the access terminal identity. The report message is signed with a signature that is generated based on the validation key to authenticate that the access terminal is an authorized user of the access terminal identity. The access terminal then sends the report message to a validation server.
Another feature provides apparatuses and methods for recording a usage relationship between the access terminal identity and a user identity. A validation server may be provisioned with a validation key originating from an administration authority. The validation server may receive a report message from an access terminal, where the report message reports a usage relationship between an access terminal identity and a user identity from a user identity module in the access terminal. The report message is signed with a signature that is authenticated by the validation server using the validation key. Since the validation key used by the access terminal to sign the report message is only available via authorized vendors, an authenticated signature indicates that the access terminal identity sent by the access terminal is valid and that the access terminal is an authorized device. The validation server can record the usage relationship between the access terminal identity and the user identity in a database that is accessible to an equipment identity register (EIR) so that a network entity can validate that the access terminal is authorized for use on the network.
Exemplary Network Environments
FIG. 1 is a block diagram illustrating an example of a wireless communication system 10 in which one or more implementations of the present disclosure can find application. As illustrated in FIG. 1, a wireless communication network 10 generally includes a plurality of access terminals (also called remote stations, mobile stations, subscriber units, or user equipment) 12 a-12 d, a plurality of base stations (also called base stations transceivers (BTS), Node-B devices, femto cells, pico cells, etc.) 14 a-14 c, a base station controller (BSC) (also called radio network controller or packet control function) 16, a mobile switching center (MSC) or switch 18, a packet data serving node (PDSN) or internetworking function (IWF) 20, a public switched telephone network (PSTN) 22 (typically a telephone company), and a packet switched data network 24 (typically an Internet Protocol (IP) network). The wireless communication network 10 may also include access network authentication, authorization and accounting equipment (AN-AAA) 26, 28 for providing user account status (normal, shutdown, arrears), and for maintaining and storing such user account information. For purposes of simplicity, four access terminals 12 a-12 d, three base stations 14 a-14 c, one BSC 16, one MSC 18, and one PDSN 20 are shown. It would be understood by those skilled in the art that there could be any number of access terminals 12, base stations 14, BSCs 16, MSCs 18, and PDSNs 20.
In one embodiment the wireless communication network 10 is a packet data service network. The access terminals 12 a-12 d may be any of a number of different types of wireless communication devices such as a portable phone, a cellular telephone that is connected to a laptop computer running IP-based Web-browser applications, a cellular telephone with associated hands-free car kits, a personal data assistant (PDA) running IP-based Web-browser applications, a wireless communication module incorporated into a portable computer, or a fixed location communication module such as might be found in a wireless local loop or meter reading system. In the most general embodiment, access terminals may be any type of communication unit.
The access terminals 12 a-12 d may be configured to perform one or more wireless packet data protocols such as described in, for example, the EIA/TIA/IS-707 standard. In a particular implementation, the access terminals 12 a-12 d generate IP packets destined for the IP network 24 and encapsulate the IP packets into frames using a point-to-point protocol (PPP).
In one embodiment the IP network 24 is coupled to the PDSN 20, the PDSN 20 is coupled to the MSC 18, the MSC is coupled to the BSC 16 and the PSTN 22, and the BSC 16 is coupled to the base stations 14 a-14 c via wirelines configured for transmission of voice and/or data packets in accordance with any of several known protocols including, e.g., E1, T1, Asynchronous Transfer Mode (ATM), Internet Protocol (IP), Point-to-Point Protocol (PPP), Frame Relay, High-bit-rate Digital Subscriber Line (HDSL), Asymmetric Digital Subscriber Line (ADSL), or other generic digital subscriber line equipment and services (xDSL). In other implementations, the BSC 16 is coupled directly to the PDSN 20, and the MSC 18 is not coupled to the PDSN 20.
During typical operation of the wireless communication network 10, the base stations 14 a-14 c receive and demodulate sets of reverse link signals from various access terminals 12 a-12 d engaged in telephone calls, Web browsing, or other data communications. Each reverse link signal received by a given base station 14 a-14 c is processed within that base station 14 a-14 c. Each base station 14 a-14 c may communicate with a plurality of access terminals 12 a-12 d by modulating and transmitting sets of forward link signals to the access terminals 12 a-12 d. For example, as shown in FIG. 1, the base station 14 a communicates with first and second access terminals 12 a, 12 b simultaneously, and the base station 14 c communicates with third and fourth access terminals 12 c, 12 d simultaneously. The resulting packets are forwarded to the BSC 16, which provides call resource allocation and mobility management functionality including the orchestration of soft handoffs of a call for a particular access terminal 12 a-12 d from one base station 14 a-14 c to another base station 14 a-14 c. For example, an access terminal 12 c is communicating with two base stations 14 b, 14 c simultaneously. Eventually, when the access terminal 12 c moves far enough away from one of the base stations 14 c, the call will be handed off to the other base station 14 b.
If the transmission is a conventional telephone call, the BSC 16 will route the received data to the MSC 18, which provides additional routing services for interface with the PSTN 22. If the transmission is a packet-based transmission such as a data call destined for the IP network 24, the MSC 18 will route the data packets to the PDSN 20, which will send the packets to the IP network 24. Alternatively, the BSC 16 will route the packets directly to the PDSN 20, which sends the packets to the IP network 24.
Each of the access terminals 12A-12D includes an identity. For example, for 3GPP-compliant access terminals (e.g., access terminals adapted for use in a wireless communication network 10 comprising a GSM network, WCDMA network or TD-SCDMA network, LTE network), the access terminals 12A-12D may each comprise an international mobile equipment identity (IMEI) number. As another example, for 3GPP2-compliant access terminals (e.g., access terminals adapted for use in a wireless communication network 10 comprising a CDMA network), the access terminals 12A-12D may each comprise a mobile equipment identifier (MEID).
In addition to an access terminal identity, each of the access terminals 12A-12D includes a user identity (or subscriber identity) that identifies the subscriber using the particular access terminal. For example, each access terminal 12A-12D may include a removable subscriber identification module (e.g., SIM, USIM, CSIM), or a removable user identification module (RUIM), depending on the particular implementation of the wireless communication network 10.
Exemplary Access Terminal and Subscriber Authentication Environment
Certain aspects of the present disclosure provide techniques for facilitating the authentication of an access terminal (or device) identity and for recording a usage relationship between the access terminal identity and a user identity. FIG. 2 is a block diagram illustrating an example of a network environment 200 for authenticating an access terminal's identity and for recording a usage relationship between the access terminal's identity and a subscriber's identity. As illustrated in FIG. 2, the network may include a validation server 202 adapted to perform one or more authentication/validation functions of an access terminal 204. The validation server 202 may be implemented as a part of an equipment identity register (EIR) 206 or can be communicatively connected to an EIR 206 and/or to a database 208 accessible to the EIR 206. The database 208 includes a plurality of access terminal identities that are either authorized for use (e.g., whitelisted) or unauthorized for use (e.g., blacklisted). The EIR 206 may be deployed in either a centralized or a distributed topology, and may be deployed, for example, by a network operator, a government, and/or an industrial organization.
Both the validation server 202 and the access terminal 204 are provided with a validation key originating from an administration authority 210. Such a validation key may comprise, for example, a cryptographic key (e.g., an authentication key) or a digital certificate. The administration authority 210 may comprise a trustworthy entity that issues validation keys adapted to certify the ownership of a public key. According to at least one implementation, the administration authority 210 may issue the validation key to an authorized device vendor 212 of the access terminal 204 on request by the vendor 212. The validation key may be provided by the administration authority 210 as either a vendor-specific validation key or as a model-specific validation key. That is, the validation key may be provided by the administration authority 210 for use with all models of access terminals from the vendor 212 (vendor-specific), or it may be provided for use with only a specific model of access terminals from the vendor 212 (model-specific). In the case where each model is to be assigned with a unique validation key (model-specific), the assignment of the validation key may be performed as part of a device approval process through which the vendor 212 obtains a network-access license from the administration authority 210 for the particular model of access terminal.
After the vendor 212 obtains the validation key, the vendor 212 can securely store the assigned validation key (or a diversified key derived from the assigned validation key) into its access terminal products. For example, the vendor 212 may load the validation key into a secured storage medium of the access terminal 204 so that the validation key cannot be read out by an attacker. In addition to providing the validation key for each access terminal 204, the administration authority 210 also securely provides the validation key (or a diversified key derived from the validation key) to the validation server 202. In this manner, the access terminal 204 can employ the validation key for signing communications with the validation server 202, and the validation server 202 can employ the corresponding validation key to verify such signed communications from the access terminal 204.
According to a feature, the access terminal 204 is adapted to identify whether a user identity (e.g., International Mobile Subscriber Identity (IMSI)) associated with a user identity module (e.g., SIM, USIM, RUIM, CSIM) employed with the access terminal 204 is different from a user identity previously recorded for use with the access terminal 204. When it is determined that the user identity is different, the access terminal 204 may generate and send a transmission to the validation server including the user identity (e.g., IMSI) and the identity of the access terminal 204 (e.g., International Mobile Equipment Identity (IMEI), Mobile Equipment Identity (MEID)), which transmission is signed by the access terminal 204 using the validation key. The transmission may be automatically generated and sent by the access terminal 204 upon identifying the new user identity, or the transmission may be requested by the validation server 202 upon some indication that the combination of the user identity and access terminal identity is not currently recorded for use together (e.g., never before been used together, not recently used together, etc.).
The validation server 202 receives the transmission via a wireless communication network 214, which may be similar to the wireless communication network 10 in FIG. 1. Upon receipt of the transmission, the validation server 202 can authenticate the transmission by validating the signature using the validation key provisioned in the validation server 202. If the transmission is validated, indicating that the access terminal is an authorized device, the validation server 202 may update the database 208 with the new relationship between the user identity and the access terminal identity. Since access terminals produced by unauthorized vendors, or access terminals attempting to fake an identity (e.g., IMEI, MEID) will not have the validation key, the validation server 202 will be able to identify those access terminals.
In this manner, if some entity of the wireless communication network 214 seeks to verify that the access terminal 204 and its active subscriber are valid, that entity may make a validation request to the EIR 206, as indicated by arrows 216. Upon receiving such a validation request, the EIR 206 can perform a check in the database 208 to determine whether the user identity is authorized for use with the access terminal identity.
Facilitating Validation Key Provisioning to Access Terminal and Validation Server
FIG. 3 is a flow diagram illustrating an example of provisioning a validation key in one or more access terminals and in the validation server. In this example, the validation server 202, an access terminal 204, the administration authority 210 and vendor 212 of FIG. 2 are used for illustration purposes. The authorized access terminal vendor 212 may send a transmission to the administration authority 210 applying for or requesting a validation key at step 302.
The administration authority 210 may verify the qualification of the vendor 212, and may securely assign a validation key to the qualifying vendor 212 at step 304. The administration authority 210 verifies the qualification of the vendor 212 in order to ensure that validation keys are not given to an entity that will use the validation key to circumvent the security provided by the present disclosure. Once the validation key is assigned, the vendor 212 can securely provision the validation key (or a diversified key derived from the validation key) into the access terminals 204 of the vendor 212 at step 306. For example, the vendor 212 may load the validation key into a secured storage medium of each access terminal 204 so that the validation key cannot be read out by an attacker. With the vendor 212 securely storing the validation key in each authorized access terminal 204, unauthorized access terminals will not have the ability to obtain a validation key. Without a validation key, such unauthorized access terminals are unable to circumvent the security measures described herein.
At step 308, the administration authority 210 also securely provisions the validation key (or a diversified key derived from the validation key) into the validation server 202. For example, the administration authority 210 can communicate with the validation server 202 via a secured or encrypted transmission to provide the validation key to the validation server 202. The validation server 202 may also store the validation key in a secured storage medium so that the validation key cannot be read out by an attacker.
Facilitating Access Terminal Authentication Using a Validation Key
FIG. 4 (comprising FIGS. 4A and 4B) is a flow diagram illustrating an example of authenticating an access terminal identity and recording a relationship between the access terminal identity and a user identity. In this example, the access terminal 204, validation server 202, database 208 and equipment identity register (EIR) 206 of FIG. 2 are used for illustration purposes. Initially, the access terminal 204 may read a user identity (e.g., IMSI) from a user identity module at step 402. For example, the access terminal 204 may be adapted to read the user identity each time the access terminal 204 is powered on. The user identity module comprises a module adapted to store a user identity in such a manner that the user identity can be changed. For example, the user identity module may comprise a removable user identity module (e.g., SIM, USIM, RUIM, CSIM). In other implementations, the user identity module may comprise a module that is not removable, but rather reprogrammable, such as a non-RUIM adapted access terminal configured for a CDMA adapted communications network. In such embodiments, the user identity in the non-removable user identity module can be changed through Over-the-Air Service Provisioning (OTASP) or Over-the-Air Parameter Administration (OTAPA).
At step 404, the access terminal 204 determines whether the user identity is currently recorded for use with the access terminal 204. For example, the access terminal 204 may compare the user identity read from the user identity module with the user identity employed in the most recent successful registration. That is, the access terminal 204 compares the user identity with the user identity that was last successfully recorded for use with the access terminal 204. In other implementations, the access terminal 204 may determine whether the user identity has ever been recorded, or has been recorded within a determined period of time, for use with the access terminal 204.
If the access terminal 204 determines that the user identity is recorded for use with the access terminal 204, then it may continue with normal operations. However, in response to determining that a user identity is not currently recorded, or optionally in response to a request 406 from the validation server 202, the access terminal 204 may generate a report message for the validation server 202 at step 408. The report message includes the identity of both the subscriber (e.g., IMSI) and the access terminal 204 (e.g., IMEI, MEID). The report message can also include additional information, such as one or more of a timestamp, a counter, a vendor ID, a model number, as well as other information.
In addition to obtaining the information for the report message, the access terminal 204 generates a signature for the report message based on the validation key at step 410. For example, the access terminal 204 may calculate the signature using the validation key itself, or using a medium-term or session key derived from the assigned validation key with any known key derivation algorithm. At step 412, the access terminal 204 sends a transmission including the signed report message (e.g., signature, access terminal identity and user identity) to the validation server 202. According to various implementations, the access terminal 204 may send the transmission via any means for sending transmissions over a wireless communication network 214. For example, the transmission can be sent as a short message service (SMS), a packet-based message or a signaling message with a predefined format.
When the validation server 202 receives the transmission comprising the signed report message, the validation server 202 retrieves the validation key associated with the access terminal 204 at step 414. For example, the validation server 202 may employ the identity of the access terminal 204 (e.g., IMEI, MEID), and/or vendor information associated with the access terminal 204, if such vendor information is included in the received transmission. Employing the respective validation key associated with the access terminal 204, the validation server verifies the signature of the report message at step 416 to authenticate that the access terminal 204 is authorized to use the access terminal identity included in the report message. If the signature is valid, the validation server 202 may update the database 208 to store a record of the new relationship between the identity of the access terminal 204 and the identity of the subscriber, as indicated at step 418. If, however, the signature is not valid, the validation server 202 may simply ignore the report message.
Upon a successful authentication and/or upon successfully updating the record in the database 208, the validation server 202 may send an acknowledgment transmission to the access terminal 204 at step 420, acknowledging that the signature was verified and/or that the database 208 has been updated. The acknowledgement transmission may be in one of various forms, depending on the form of the report message transmission. If the report message transmission is sent as a short message service (SMS) transmission, the acknowledgement transmission may comprise, for example, a Layer 2 Acknowledgement or SMS Acknowledgement. If the report message transmission is sent as a packet-based message, the acknowledgement transmission may comprise, for example, a TCP Acknowledgment for TCP packet delivery. Furthermore, if the report message transmission is sent as a signaling message, the acknowledgement transmission may comprise, for example, a signaling layer acknowledgement. Alternatively, the validation server 202 may return an explicit Acknowledgement message with pre-defined data format for the report message.
Upon receipt of the acknowledgement transmission, the access terminal 204 stores the user identity as a user identity recorded for use with the access terminal 204, as shown at step 422. The access terminal 204 can then operate under normal use.
During use of the access terminal 204 on a wireless communication network, the access terminal 204 may request access to certain services from the network, or the network (or some entity of the network) may desire to verify the status of the access terminal 204 for one or more particular reasons. In such a case, one or more entities (e.g., an MSC 18 (see FIG. 1) in the mobile switching domain or a Serving GPRS Support Node (SGSN) in the packet switching domain) in the serving network may request the EIR 206 to verify the status of the identity of the access terminal 204, as depicted at step 424. According to at least one implementation, the EIR 206 may receive such a request including the identity of the access terminal 204 (e.g., IMEI, MEID) and the identity of the subscriber (e.g., IMSI). The EIR 206 checks the database 208 at step 426. If the record stored at the database 208 indicates that the identity of the access terminal 204 is associated with and/or authorized for use with the user identity, then the EIR 206 can conclude at step 428 that the access terminal 204 is authorized. Conversely, if the record stored at the database 208 indicates that the identity of the access terminal 204 is not associated with and/or authorized for use with the user identity, then the EIR 206 can conclude at step 428 that the access terminal 204 is not authorized for use with the network.
Because only authorized devices are provided with a validation key, and since the validation key is used to update the record at the database 208, only authorized access terminals can be permitted to use the network. Any access terminal that reports a user identity to the network that is not recorded for use with the access terminal identity can be determined to be an unauthorized or illegal access terminal and can be blocked from using the network.
Exemplary Access Terminal
FIG. 5 is a block diagram illustrating select components of an access terminal 500 according to at least one implementation. The access terminal 500 may include a processing circuit 502 coupled to a communications interface 504, a storage medium 506, and a user identity module 508.
The processing circuit 502 is arranged to obtain, process and/or send data, control data access and storage, issue commands, and control other desired operations. The processing circuit 502 may comprise circuitry configured to implement desired programming provided by appropriate media in at least one embodiment. For example, the processing circuit 502 may be implemented as one or more of a processor, a controller, a plurality of processors and/or other structure configured to execute executable instructions including, for example, software and/or firmware instructions, and/or hardware circuitry. Embodiments of the processing circuit 502 may include a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic component, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. A general purpose processor may be a microprocessor but, in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing components, such as a combination of a DSP and a microprocessor, a number of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration. These examples of the processing circuit 502 are for illustration and other suitable configurations within the scope of the present disclosure are also contemplated.
The communications interface 504 is configured to facilitate wireless communications of the access terminal 500. The communications interface 504 may include at least one transmitter 510 and/or at least one receiver 512 (e.g., one or more transmitter/receiver chains). Furthermore, one or more antennas (not shown) may be electrically coupled to the communications interface 504.
The storage medium 506 may represent one or more devices for storing programming and/or data, such as processor executable code or instructions (e.g., software, firmware), electronic data, databases, or other digital information. According to at least one embodiment, one or more of such devices comprising the storage medium 506 may comprise a secured storage device. The storage medium 506 may be any available media that can be accessed by a general purpose or special purpose processor. By way of example and not limitation, the storage medium 506 may include read-only memory (e.g., ROM, EPROM, EEPROM), random access memory (RAM), magnetic disk storage mediums, optical storage mediums, flash memory devices, and/or other non-transitory computer-readable mediums for storing information. The storage medium 506 may be coupled to the processing circuit 502 such that the processing circuit 502 can read information from, and write information to, the storage medium 506. In the alternative, the storage medium 506, or at least a portion thereof, may be integral to the processing circuit 502.
The storage medium 506 may include a validation key 514 stored therein. For example, the validation key 514 can be provisioned by a vendor 212 (see FIG. 2) within a secured portion of the storage medium 506. The validation key 514 may comprise, for example, a cryptographic key (e.g., an authentication key) or a digital certificate. The storage medium 506 may also include an access terminal identity 516 stored therein. The access terminal identity 516 may comprise, for example, an International Mobile Equipment Identity (IMEI) or a Mobile Equipment Identity (MEID).
The user identity module 508 is adapted to securely store a user identity, such as an International Mobile Subscriber Identity (IMSI). In some implementations, the user identity module 508 may comprise a removable user identity module 508 such that a user can remove and insert different user identity modules 508 as desired. Such a removable user identity module may include, for example, a SIM, USIM, CSIM, or RUIM. In other implementations, the user identity module 508 may comprise a programmable user identity module 508. An example of such a programmable user identity module 508 includes a module for securely storing a user identity that is employed in a CDMA adapted access terminal that does not use a RUIM. Such a programmable user identity module 508 can be programmed with a new or updated user identity with Over-the-Air Service Provisioning (OTASP) or Over-the-Air Parameter Administration (OTAPA).
According to one or more features, the processing circuit 502 may be adapted to perform any or all of the processes, functions, steps and/or routines related to the various access terminals as described herein above with reference to FIGS. 1-4 (e.g., access terminal 12A-12D and/or 204). As used herein, the term “adapted” in relation to the processing circuit 502 may refer to the processing circuit 502 being one or more of configured, employed, implemented, or programmed to perform a particular process, function, step and/or routine according to various features.
FIG. 6 is a flow diagram illustrating an example of at least one implementation of a method operational on an access terminal, such as the access terminal 500. With reference to both of FIGS. 5 and 6, a validation key may be received from an authorized vendor and stored in a storage medium at step 602. For example, the validation key 514 can be provisioned into a secured portion of the storage medium 506 by the authorized vendor (such as the vendor 212 in FIG. 2). According to at least one implementation, the processing circuit 502 may be adapted to receive the validation key 514 from an authorized vendor, and then store the received validation key 514 in the storage medium 506.
At decision diamond 604, it is determined whether a user identity from a user identity module is recorded for use with the access terminal. For example, the processing circuit 502 can read the user identity from the user identity module 508. The processing circuit 502 can then compare the user identity to a user identity stored by the access terminal 500 as a user identity that is recorded for use with the access terminal 500. In at least one implementation, the processing circuit 502 may compare the user identity from the user identity module 508 to a user identity last recorded for use with the access terminal 500 and stored in the storage medium 506.
If it is determined that the user identity from the user identity module 508 is recorded for use with the access terminal 500, then the access terminal 500 can begin standard operations at step 606. However, if it is determined that the user identity is not recorded for use with the access terminal at 604, a report message may be generated to report a usage relationship between the user identity and the access terminal's identity at step 608. In some implementations, the report message may be generated automatically in response to the determination that the user identity is not recorded for use with the access terminal 500. In other implementations, the report message may be generated in response to a request received from a validation server. As an example, the processing circuit 502 can generate a report message that includes the user identity from the user identity module 508 and the access terminal identity 516. The report message is adapted to report to a validation server (such as the validation server 202 in FIG. 2) the usage relationship between the user identity and the access terminal identity 516. According to one or more implementations, the report message may be generated to also include additional information, such as one or more of a timestamp, a counter, a vendor ID, a model number, as well as other information.
In order to authenticate that the access terminal identity 516 included in the report message is authentic (i.e., not being faked by the access terminal in order to deceive the validation server), the access terminal signs the report message with a generated signature based on the validation key at step 610. For example, the processing circuit 502 can generate a signature based on the validation key 514 using an algorithm for generating such a digital signature. By way of example and not limitation, the processing circuit 502 can be adapted to employ one or more conventional digital signature algorithms to generate the signature, including an RSA-based signature scheme, DSA, ElGamal signature scheme, Schnorr signature, Pointcheval-Stern signature algorithm, Rabin signature algorithm, a pairing-based signature scheme (e.g., BLS signature scheme), as well as other conventional signature schemes or algorithms.
After the report message is generated and digitally signed, a transmission is sent to a validation server that includes the signed report message at step 612. For example, the processing circuit 502 can transmit the signed report message via the communications interface 504. According to one or more implementations, the processing circuit 502 may transmit the signed report message as one of a short messaging service (SMS), a packet-based message or a signaling message.
If transmission of the report message is unsuccessful, the processing circuit 502 can be adapted to resend the transmission. If the transmission is successful, the access terminal may receive an acknowledgement message from the validation server at step 614. The acknowledgement message can indicate that the usage relationship between the user identity and the access terminal identity is validated and recorded. For example, the processing circuit 502 may receive the acknowledgement report via the communications interface 504. The acknowledgement message can be received as a transmission type corresponding to the report message transmission. For example, the acknowledgement transmission may comprise a Layer 2 Acknowledgement or SMS Acknowledgement (corresponding to a SMS report message transmission), a TCP Acknowledgment (corresponding to a packet-based report message transmission), or a signaling layer acknowledgement (corresponding to a report message transmission as a signaling message). Alternatively, the validation server may return an explicit Acknowledgement message with pre-defined data format for the report message.
After the acknowledgement message is received, the access terminal 500 may store the user identity at step 616 with an indication that the user identity is recorded for use with the access terminal 500. For example, the processing circuit 502 may store the user identity in the storage medium 506 with some indication that the user identity has been recorded for use with the access terminal 500. In this manner, when the access terminal 500 repeats the foregoing method (e.g., when it is powered on again), it will determine the user identity to be properly recorded for use at decision diamond 604, and will go to standard use at 606. After the user identity is stored as a recorded user identity, the access terminal 500 may commence standard use at 606.
Exemplary Validation Server
FIG. 7 is a block diagram illustrating select components of a validation server according to at least one implementation. As shown, a validation server 700 may include a processing circuit 702 coupled to a communications interface 704 and to a storage medium 706.
The processing circuit 702 is arranged to obtain, process and/or send data, control data access and storage, issue commands, and control other desired operations. The processing circuit 702 may comprise circuitry configured to implement desired programming provided by appropriate media in at least one embodiment. For example, the processing circuit 702 may be implemented as one or more of a processor, a controller, a plurality of processors and/or other structure configured to execute executable instructions including, for example, software and/or firmware instructions, and/or hardware circuitry. Embodiments of the processing circuit 702 may include a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic component, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. A general purpose processor may be a microprocessor but, in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing components, such as a combination of a DSP and a microprocessor, a number of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration. These examples of the processing circuit 702 are for illustration and other suitable configurations within the scope of the present disclosure are also contemplated.
The communications interface 704 is configured to facilitate wireless communications of the validation server 700. The communications interface 704 may include at least one transmitter 708 and/or at least one receiver 710 (e.g., one or more transmitter/receiver chains). Furthermore, one or more antennas (not shown) may be electrically coupled to the communications interface 704.
The storage medium 706 may represent one or more devices for storing programming and/or data, such as processor executable code or instructions (e.g., software, firmware), electronic data, databases, or other digital information. According to one or more embodiments, at least one of such devices comprising the storage medium 706 may comprise a secured storage device. The storage medium 706 may be any available media that can be accessed by a general purpose or special purpose processor. By way of example and not limitation, the storage medium 706 may include read-only memory (e.g., ROM, EPROM, EEPROM), random access memory (RAM), magnetic disk storage mediums, optical storage mediums, flash memory devices, and/or other non-transitory computer-readable mediums for storing information. The storage medium 706 may be coupled to the processing circuit 702 such that the processing circuit 702 can read information from, and write information to, the storage medium 706. In the alternative, the storage medium 706, or at least a portion thereof, may be integral to the processing circuit 702.
The storage medium 706 may include a validation key 712 stored therein. For example, the validation key 712 can be provisioned by an administration authority 210 (see FIG. 2) into a secured portion of the storage medium 706. The validation key 712 corresponds to a validation key provisioned in one or more access terminals by an authorized vendor. For example, the validation key 712 may correspond to a type of access terminal or an identity of the vendor, as well as some combination of the two. The validation key 712 may comprise, for example, a cryptographic key (e.g., an authentication key) or a digital certificate.
The validation server 700, or at least some of the components of the validation server 700, may be implemented integral with an equipment identity register (EIR). For example, one or more of the processing circuit 702, the storage medium 706 or the communications interface 704 may be implemented as part of, or integrated into an EIR, such as EIR 206 in FIG. 2.
According to one or more features, the processing circuit 702 may be adapted to perform any or all of the processes, functions, steps and/or routines related to the various validation servers as described herein above with reference to FIGS. 1-4 (e.g., validation server 202). As used herein, the term “adapted” in relation to the processing circuit 702 may refer to the processing circuit 702 being one or more of configured, employed, implemented, or programmed to perform a particular process, function, step and/or routine according to various features.
FIG. 8 is a flow diagram illustrating an example of at least one implementation of a method operational on a validation server, such as validation server 700. With reference to both of FIGS. 7 and 8, a validation key originating from an administration authority may be received at the validation server and stored in a storage medium at step 802. For example, the processing circuit 702 may receive the validation key, and may store the validation key in the storage medium 706. The validation key may indicate that it corresponds to a validation key provisioned in a plurality of access terminals.
The validation server 700 may receive a transmission from an access terminal at step 804. The transmission includes a report message adapted to report a usage relationship between an access terminal identity and a user identity in the access terminal. The report message is also signed with a signature. According to at least one implementation, the processing circuit 702 may receive the transmission via the communications interface 704. Such a transmission may be received, in at least some implementations, as one of a Short Messaging Service (SMS) message, a packet-based message, or a signaling message.
At step 806, the validation server 700 authenticates the signature of the report message using the validation key. Authenticating the signature verifies to the validation server 700 that the access terminal is authorized to use the access terminal identity included in the report message. As an example, the processing circuit 702 may employ one or more conventional algorithms to authenticate the digital signature included with the report message using the validation key 712. In order to identify the proper validation key 712 to be employed for authentication, the processing circuit 702 may read, for example, the access terminal identity and/or vendor information associated with the access terminal (if included in the report message). Once the proper validation key 712 is identified, the processing circuit 702 can retrieve the proper validation key 712 and can apply the validation key 712 to authenticate the signature.
After the signature is authenticated, the validation server may, at step 808, record the usage relationship between the access terminal identity and the user identity in a database that is accessible to an equipment identity register (EIR), such as EIR 206 in FIG. 2. As noted above, some implementations of the validation server 700 may be integrated into an EIR. In such implementations, the processing circuit 702 may receive via the communications interface 704 a validation request transmission from an entity of a network, which validation request transmission includes a user identity and an access terminal identity. The processing circuit 702 may then query the database for a record verifying a valid usage relationship between the user identity and the access terminal identity. If a record in the database verifies the usage relationship, the processing circuit 702 may determine the access terminal to be authorized. If a record in the database disproves the usage relationship or if there is no record in the database verifying the usage relationship between the user identity and the access terminal identity, the processing circuit 702 may determine the access terminal to be unauthorized and may deny the access terminal access to the requesting network.
After the signature is authenticated and/or after the usage relationship is recorded, the validation server 700 may send an acknowledgement message to the access terminal acknowledging receipt and authentication of the report message, at step 810. For example, the processing circuit 702 may generate and send the acknowledgement message via the communications interface 704. The acknowledgement message may be sent as a transmission type corresponding to the type of report message transmission. For example, the acknowledgement transmission may comprise a Layer 2 Acknowledgement or SMS Acknowledgement (corresponding to a SMS report message transmission), a TCP Acknowledgment (corresponding to a packet-based report message transmission), or a signaling layer acknowledgement (corresponding to a report message transmission as a signaling message). Alternatively, the validation server may return an explicit Acknowledgement message with pre-defined data format for the report message.
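The following worked example is added here and is not part of the patent. It models in Python the exchange described above with reference to FIG. 4 (steps 402 through 428) together with the access terminal method of FIG. 6 and the validation server method of FIG. 8, so one block serves all three passages. The patent leaves the signature scheme open (it lists conventional digital signature algorithms and also describes the validation key as an authentication key or a certificate); the example assumes a symmetric authentication key, derives the diversified per-terminal key of step 306 as HMAC-SHA256 of the IMEI under the vendor's validation key, and signs the report with HMAC-SHA256 over a canonical encoding. The server-side check that the report counter must increase is likewise an assumption: the patent lists a counter as optional report content but does not say how it is used. All identifiers, key bytes, class names and function names are constructed for illustration.

```python
"""Added worked example, not the patent's own code, of the validation-key flow.
Assumptions not taken from the patent: the validation key is a symmetric
authentication key; the diversified per-terminal key of step 306 is
HMAC-SHA256(vendor_key, IMEI); the report signature is HMAC-SHA256 over a
canonical JSON encoding; the server rejects a report whose counter does not
exceed the one already recorded. All identifiers below are constructed."""
import hashlib
import hmac
import json


def diversify_key(vendor_validation_key: bytes, imei: str) -> bytes:
    """Per-terminal key derived from the vendor's validation key (assumed KDF)."""
    return hmac.new(vendor_validation_key, imei.encode(), hashlib.sha256).digest()


def sign_report(key: bytes, report: dict) -> str:
    """HMAC over a deterministic encoding so both sides sign identical bytes."""
    msg = json.dumps(report, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class AccessTerminal:
    """Terminal side: FIG. 4 steps 402-422 / FIG. 6 steps 604-616."""

    def __init__(self, imei: str, vendor_id: str, diversified_key: bytes):
        self.imei = imei
        self.vendor_id = vendor_id
        self.key = diversified_key          # validation key 514 in secured storage
        self.recorded_imsi = None           # IMSI last recorded for use (step 616)
        self.counter = 0
        self.last_sent = None               # kept only so the demo can replay it

    def power_on(self, imsi_from_uim: str, server: "ValidationServer") -> str:
        if imsi_from_uim == self.recorded_imsi:
            return "normal_operation"       # decision diamond 604: already recorded
        self.counter += 1
        report = {"imsi": imsi_from_uim, "imei": self.imei,
                  "vendor_id": self.vendor_id, "counter": self.counter}
        sig = sign_report(self.key, report)          # step 610
        self.last_sent = (report, sig)
        if server.receive_report(report, sig):       # acknowledgement (step 614)
            self.recorded_imsi = imsi_from_uim       # step 616
            return "recorded"
        return "no_ack"


class ValidationServer:
    """Server side: FIG. 8 steps 802-810, plus the EIR lookup of steps 424-428."""

    def __init__(self, vendor_keys: dict):
        self.vendor_keys = vendor_keys      # keys from the administration authority
        self.db = {}                        # database 208: IMEI -> {imsi, counter}

    def receive_report(self, report: dict, sig: str) -> bool:
        vendor_key = self.vendor_keys.get(report.get("vendor_id"))
        if vendor_key is None:
            return False                    # unknown vendor: no key, ignore
        key = diversify_key(vendor_key, report["imei"])   # step 806 key selection
        if not hmac.compare_digest(sign_report(key, report), sig):
            return False                    # signature invalid: ignore (step 416)
        prev = self.db.get(report["imei"])
        if prev is not None and report["counter"] <= prev["counter"]:
            return False                    # replayed or stale report (assumed check)
        self.db[report["imei"]] = {"imsi": report["imsi"], "counter": report["counter"]}
        return True                         # recorded (step 808); ack sent (step 810)

    def eir_check(self, imei: str, imsi: str) -> bool:
        """EIR decision of step 428 over the database written by the server."""
        rec = self.db.get(imei)
        return rec is not None and rec["imsi"] == imsi


def run_scenario() -> dict:
    """Genuine terminal, SIM swap, cloned IMEI without the key, and a replay."""
    vendor_keys = {"VENDOR-A": bytes(range(32))}        # constructed master key
    server = ValidationServer(vendor_keys)
    imei = "490154203237518"                            # constructed sample IMEI
    genuine = AccessTerminal(imei, "VENDOR-A", diversify_key(vendor_keys["VENDOR-A"], imei))
    clone = AccessTerminal(imei, "VENDOR-A", b"\x00" * 32)   # same IMEI, wrong key

    first = genuine.power_on("310150123456789", server)    # new IMSI: report, recorded
    second = genuine.power_on("310150123456789", server)   # same IMSI: no report sent
    swapped = genuine.power_on("310150555555555", server)  # SIM swap: new record
    replay = server.receive_report(*genuine.last_sent)     # identical report again
    cloned = clone.power_on("310150999999999", server)     # bad signature: ignored

    return {
        "first": first, "second": second, "swapped": swapped,
        "replay_accepted": replay, "clone": cloned,
        "eir_current": server.eir_check(imei, "310150555555555"),
        "eir_old_imsi": server.eir_check(imei, "310150123456789"),
        "eir_clone_imsi": server.eir_check(imei, "310150999999999"),
    }
```

Running `run_scenario()` shows the behaviour the description relies on: the genuine terminal reports once per new IMSI and is silent on the next power-on, a terminal that presents the same IMEI without the diversified key never gets an acknowledgement and so never appears in the database, and the EIR lookup consequently returns unauthorized for the cloned pairing while returning authorized for the pairing the genuine terminal last recorded.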
One or more of the components, steps, features and/or functions illustrated in FIGS. 1, 2, 3, 4, 5, 6, 7, and/or 8 may be rearranged and/or combined into a single component, step, feature or function or embodied in several components, steps, or functions. Additional elements, components, steps, and/or functions may also be added without departing from the scope of the present disclosure. The apparatus, devices and/or components illustrated in FIGS. 1, 2, 5 and/or 7 may be configured to perform one or more of the methods, features, or steps described in FIGS. 3, 4 (comprising 4A and 4B), 6 and/or 8. The novel algorithms described herein may also be efficiently implemented in software and/or embedded in hardware.
Also, it is noted that at least some implementations have been described as a process that is depicted as a flowchart, a flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed. A process may correspond to a method, a function, a procedure, a subroutine, a subprogram, etc. When a process corresponds to a function, its termination corresponds to a return of the function to the calling function or the main function.
Moreover, embodiments may be implemented by hardware, software, firmware, middleware, microcode, or any combination thereof. When implemented in software, firmware, middleware or microcode, the program code or code segments to perform the necessary tasks may be stored in a machine-readable medium such as a storage medium or other storage(s). A processor may perform the necessary tasks. A code segment may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a class, or any combination of instructions, data structures, or program statements. A code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters, or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
The terms “machine-readable medium”, “computer-readable medium”, and/or “processor-readable medium” may include, but are not limited to portable or fixed storage devices, optical storage devices, and various other non-transitory mediums capable of storing, containing or carrying instruction(s) and/or data. Thus, the various methods described herein may be partially or fully implemented by instructions and/or data that may be stored in a “machine-readable medium”, “computer-readable medium”, and/or “processor-readable medium” and executed by one or more processors, machines and/or devices.
The methods or algorithms described in connection with the examples disclosed herein may be embodied directly in hardware, in a software module executable by a processor, or in a combination of both, in the form of processing unit, programming instructions, or other directions, and may be contained in a single device or distributed across multiple devices. A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. A storage medium may be coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor.
Those of skill in the art would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the overall system.
The various features of the embodiments described herein can be implemented in different systems without departing from the scope of the disclosure. It should be noted that the foregoing embodiments are merely examples and are not to be construed as limiting the disclosure. The description of the embodiments is intended to be illustrative, and not to limit the scope of the claims. As such, the present teachings can be readily applied to other types of apparatuses and many alternatives, modifications, and variations will be apparent to those skilled in the art.

Claims (39)

What is claimed is:
1. An access terminal, comprising:
a communications interface adapted to facilitate wireless communications;
a user identity module including a user identity;
a storage medium including a validation key from an authorized vendor of the access terminal and an access terminal identity stored therein; and
a processing circuit coupled to the communications interface, the user identity module, and the storage medium, the processing circuit adapted to:
determine that the user identity from the user identity module is not recorded for use with the access terminal;
generate a report message including the user identity and the access terminal identity, the report message adapted to report, to a validation server, a usage relationship between the user identity and the access terminal identity;
sign the report message that reports the usage relationship between the user identity and the access terminal identity with a signature that is generated based on the validation key, wherein the signature is adapted to authenticate that the access terminal is authorized to use the access terminal identity included in the report message; and
send a transmission including the signed report message via the communications interface.
2. The access terminal of claim 1, wherein the user identity module comprises a removable user identity module.
3. The access terminal of claim 2, wherein the removable user identity module comprises one of a Subscriber Identification Module (SIM), a Universal Subscriber Identity Module (USIM), a CDMA Subscriber Identification Module (CSIM) or a Removable User Identification Module (RUIM).
4. The access terminal of claim 1, wherein the user identity comprises an International Mobile Subscriber Identity (IMSI).
5. The access terminal of claim 1, wherein the access terminal identity comprises one of an International Mobile Equipment Identity (IMEI) or a Mobile Equipment Identity (MEID).
6. The access terminal of claim 1, wherein the report message is generated in response to the processing circuit receiving a request transmission via the communications interface, the request transmission requesting the report message from the access terminal, or in response to a determination by the access terminal that the user identity from the user identity module has not been recorded for use with the access terminal identity.
7. The access terminal of claim 1, wherein the processing circuit is further adapted to send the transmission as one of a Short Messaging Service (SMS) message, a packet-based message, or a signaling message.
8. The access terminal of claim 1, wherein the processing circuit is further adapted to:
receive an acknowledgement via the communications interface, the acknowledgement indicating that the reported usage relationship between the user identity and the access terminal identity is validated and recorded; and
store the user identity in the storage medium as recorded for use with the access terminal.
9. A method operational on an access terminal, the method comprising:
storing a validation key from an authorized vendor of the access terminal in a storage medium;
determining that a user identity from a user identity module in the access terminal is not recorded for use with the access terminal;
generating a report message including the user identity and an access terminal identity, the report message adapted to report, to a validation server, a usage relationship between the user identity and the access terminal identity;
signing the report message that reports the usage relationship between the user identity and the access terminal identity with a signature that is generated based on the validation key, wherein the signature is adapted to authenticate that the access terminal is authorized to use the access terminal identity included in the report message; and
sending a transmission including the signed report message to a validation server.
10. The method of claim 9, wherein the determining that the user identity from the user identity module in the access terminal is not recorded for use with the access terminal comprises:
determining that the user identity from a removable user identity module disposed in the access terminal is not recorded for use with the access terminal.
11. The method of claim 9, wherein the determining that the user identity from the user identity module in the access terminal is not recorded for use with the access terminal comprises:
determining that the user identity from the user identity module in the access terminal is different from the one last recorded for use with the access terminal and stored in the storage medium of the access terminal.
12. The method of claim 9, wherein the generating the report message including the user identity comprises:
generating the report message including an International Mobile Subscriber Identity (IMSI) for the user identity.
13. The method of claim 9, wherein the generating the report message including the access terminal identity comprises:
generating the report message including one of an International Mobile Equipment Identity (IMEI) or a Mobile Equipment Identity (MEID) for the access terminal identity.
14. The method of claim 9, wherein the sending the transmission to the validation server comprises:
sending the transmission as one of a Short Messaging Service (SMS) message, a packet-based message or a signaling message.
15. The method of claim 9, further comprising:
receiving an acknowledgement from the validation server indicating the reported usage relationship between the user identity and the access terminal identity is validated and recorded; and
storing the user identity as a user identity recorded for use with the access terminal.
16. An access terminal, comprising:
means for storing a validation key from an authorized vendor of the access terminal;
means for determining that a user identity from a user identity module in the access terminal is not recorded for use with the access terminal;
means for generating a report message including the user identity and an access terminal identity, the report message adapted to report, to a validation server, a usage relationship between the user identity and the access terminal identity;
means for signing the report message that reports the usage relationship between the user identity and the access terminal identity with a signature that is generated based on the validation key, wherein the signature is adapted to authenticate that the access terminal is authorized to use the access terminal identity included in the report message; and
means for sending a transmission including the signed report message to a validation server.
17. A non-transitory processor-readable medium comprising one or more instructions operational on an access terminal, which, when executed by a processing circuit, cause the processing circuit to:
determine that a user identity from a user identity module in the access terminal is not recorded for use with the access terminal;
generate a report message including the user identity and an access terminal identity, the report message adapted to report, to a validation server, a usage relationship between the user identity and the access terminal identity;
sign the report message that reports the usage relationship between the user identity and the access terminal identity with a signature that is generated based on a validation key from an authorized vendor of the access terminal stored in a storage medium of the access terminal, wherein the signature is adapted to authenticate that the access terminal is authorized to use the access terminal identity included in the report message; and
send a transmission including the signed report message to a validation server.
18. A validation server, comprising:
a communications interface adapted to facilitate wireless communications;
a storage medium; and
a processing circuit coupled to the communications interface, the processing circuit adapted to:
receive and store a validation key for an access terminal from an authorized vendor in the storage medium;
receive a transmission from the access terminal via the communications interface, the transmission including a report message reporting a usage relationship between an access terminal identity and a user identity in the access terminal, wherein the report message is signed with a signature; and
authenticate the signature of the report message that reports the usage relationship between the access terminal identity and the user identity using the validation key to verify that the access terminal is authorized to use the access terminal identity included in the report message.
19. The validation server of claim 18, wherein the processing circuit is further adapted to record the usage relationship between the access terminal identity and the user identity in a database accessible to an equipment identity register (EIR).
20. The validation server of claim 19, wherein the communications interface, the storage medium and the processing circuit are implemented integral with the EIR.
21. The validation server of claim 20, wherein the processing circuit is further adapted to:
receive via the communications interface a validation request transmission from a network entity, the validation request transmission including the user identity and the access terminal identity;
query the database for a record verifying a valid usage relationship between the user identity and the access terminal identity;
determine the access terminal to be authorized if a record in the database verifies the usage relationship between the user identity and the access terminal identity; and
determine the access terminal to be unauthorized if a record in the database disproves the usage relationship or if no record in the database verifies the usage relationship between the user identity and the access terminal identity.
22. The validation server of claim 18, wherein the processing circuit is further adapted to receive the transmission from the access terminal as one of a Short Messaging Service (SMS) message, a packet-based message, or a signaling message.
23. The validation server of claim 18, wherein the processing circuit is further adapted to send an acknowledgement message to the access terminal acknowledging receipt and authentication of the report message.
24. The validation server of claim 18, wherein the access terminal identity included in the report message comprises one of an International Mobile Equipment Identity (IMEI) or a Mobile Equipment Identity (MEID).
25. The validation server of claim 18, wherein the user identity included in the report message comprises an International Mobile Subscriber Identity (IMSI).
26. A method operational on a validation server, the method comprising:
receiving and storing a validation key for an access terminal from an authorized vendor in a storage medium;
receiving a transmission from the access terminal, the transmission including a report message reporting a usage relationship between an access terminal identity and a user identity in the access terminal, wherein the report message is signed with a signature; and
authenticating the signature of the report message that reports the usage relationship between the access terminal identity and the user identity using the validation key to verify that the access terminal is authorized to use the access terminal identity included in the report message.
27. The method of claim 26, further comprising:
recording the usage relationship between the access terminal identity and the user identity in a database accessible to an equipment identity register (EIR).
28. The method of claim 27, further comprising:
receiving a validation request transmission from an entity of a communication network, the validation request transmission including the user identity and the access terminal identity;
querying the database for a record verifying a usage relationship between the user identity and the access terminal identity;
determining the access terminal to be an authorized access terminal if a record in the database verifies the usage relationship between the user identity and the access terminal identity; and
determining the access terminal to be an unauthorized access terminal if a record in the database disproves the usage relationship or if no record in the database verifies the usage relationship between the user identity and the access terminal identity.
29. The method of claim 26, wherein the receiving the transmission from the access terminal comprises receiving the transmission as one of a Short Messaging Service (SMS) transmission, a packet-based transmission, or a signaling message transmission.
30. The method of claim 26, further comprising:
sending an acknowledgement message to the access terminal acknowledging receipt and authentication of the report message.
31. The method of claim 26, wherein the access terminal identity included in the report message comprises one of an International Mobile Equipment Identity (IMEI) or a Mobile Equipment Identity (MEID).
32. The method of claim 26, wherein the user identity included in the report message comprises an International Mobile Subscriber Identity (IMSI).
33. The method of claim 26, wherein the authenticating the signature of the report message comprises:
determining the validation key corresponding to the access terminal that sent the transmission including the report message;
retrieving the corresponding validation key; and
applying the validation key to authenticate the signature.
34. A validation server, comprising:
means for receiving and storing a validation key for an access terminal from an authorized vendor in a storage medium;
means for receiving a transmission from an access terminal, the transmission including a report message reporting a usage relationship between an access terminal identity and a user identity in the access terminal, wherein the report message is signed with a signature; and
means for authenticating the signature of the report message that reports the usage relationship between the access terminal identity and the user identity using the validation key to verify that the access terminal is authorized to use the access terminal identity included in the report message.
35. The validation server of claim 34, further comprising:
means for recording the usage relationship between the access terminal identity and the user identity in a database accessible to an equipment identity register (EIR).
36. The validation server of claim 35, further comprising:
means for determining whether an access terminal is authorized or unauthorized when an entity of a communication network sends a validation request with an obtained user identity and access terminal identity.
37. A non-transitory processor-readable medium comprising one or more instructions operational on a validation server, which, when executed by a processing circuit, cause the processing circuit to:
receive and store a validation key for an access terminal from an authorized vendor in a storage medium;
receive a transmission from an access terminal, the transmission including a report message reporting a usage relationship between an access terminal identity and a user identity in the access terminal, wherein the report message is signed with a signature; and
authenticate the signature of the report message that reports the usage relationship between the access terminal identity and the user identity using the validation key to verify that the access terminal is authorized to use the access terminal identity included in the report message.
38. The non-transitory processor-readable medium of claim 37, further comprising one or more instructions operational on the validation server, which, when executed by the processing circuit, cause the processing circuit to:
record the usage relationship between the access terminal identity and the user identity in a database accessible to an equipment identity register (EIR).
39. The non-transitory processor-readable medium of claim 38, further comprising one or more instructions operational on the validation server, which, when executed by the processing circuit, cause the processing circuit to:
determine whether an access terminal is authorized or unauthorized when an entity of a communication network sends a validation request with an obtained user identity and access terminal identity.
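The exchange the claims describe, as an added worked example that is not part of the patent or of any Qualcomm code: an access terminal detects a user identity not yet recorded for it (claim 11), signs an (IMSI, IMEI) usage report with its vendor-provisioned validation key (claim 9), and the validation server authenticates the signature, records the pairing and answers a later validation request from a network entity (claims 18, 21, 33). The IMSI/IMEI values and keys are constructed, and HMAC-SHA256 stands in for the signature scheme, which the claims leave unspecified.

```python
import hashlib
import hmac
import json
from typing import Dict, Optional, Tuple

# Constructed sample values for this demonstration (none come from the patent).
VENDOR_KEY = b"constructed-vendor-validation-key-0001"
SAMPLE_IMEI = "490154203237518"   # access terminal identity in IMEI form (claim 5)
SAMPLE_IMSI = "310150123456789"   # user identity in IMSI form (claim 4)


def canonical_bytes(report: dict) -> bytes:
    """Deterministic serialization so signer and verifier MAC the same bytes."""
    return json.dumps(report, sort_keys=True, separators=(",", ":")).encode()


def sign_report(report: dict, validation_key: bytes) -> dict:
    """Claim 9: sign the (IMSI, IMEI) report with the vendor key; HMAC-SHA256 is assumed."""
    mac = hmac.new(validation_key, canonical_bytes(report), hashlib.sha256).hexdigest()
    return {"report": report, "signature": mac}


class ValidationServer:
    """Claims 18-21, 33: keeps vendor keys, authenticates reports, records and answers lookups."""
    def __init__(self) -> None:
        self.validation_keys: Dict[str, bytes] = {}      # IMEI -> vendor validation key
        self.usage_db: Dict[Tuple[str, str], bool] = {}  # (IMSI, IMEI) -> True verified / False disproved

    def provision_key(self, terminal_identity: str, validation_key: bytes) -> None:
        """Claim 18: receive and store the validation key for an access terminal from its vendor."""
        self.validation_keys[terminal_identity] = validation_key

    def receive_report(self, signed: dict) -> bool:
        """Claim 33: find the key for the reporting IMEI and apply it; the result is the ack (claim 23)."""
        report = signed["report"]
        key = self.validation_keys.get(report["terminal_identity"])
        if key is None:
            return False   # no vendor key on file for this IMEI: the claim cannot be authenticated
        expected = hmac.new(key, canonical_bytes(report), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, signed["signature"]):
            return False   # sender does not hold the vendor key for the IMEI it reports
        self.usage_db[(report["user_identity"], report["terminal_identity"])] = True
        return True

    def validate(self, user_identity: str, terminal_identity: str) -> str:
        """Claim 21: authorized only if a record verifies the pair; otherwise unauthorized."""
        verified = self.usage_db.get((user_identity, terminal_identity))
        return "authorized" if verified is True else "unauthorized"


class AccessTerminal:
    """Claims 1, 8, 11: holds the vendor key and IMEI, remembers the last IMSI recorded for use."""
    def __init__(self, terminal_identity: str, validation_key: bytes) -> None:
        self.terminal_identity = terminal_identity
        self.validation_key = validation_key
        self.recorded_user_identity: Optional[str] = None
        self.current_user_identity: Optional[str] = None

    def insert_user_identity_module(self, user_identity: str) -> None:
        self.current_user_identity = user_identity

    def needs_report(self) -> bool:
        """Claim 11: report when the inserted IMSI differs from the last one recorded."""
        return self.current_user_identity != self.recorded_user_identity

    def build_signed_report(self) -> dict:
        report = {"user_identity": self.current_user_identity,
                  "terminal_identity": self.terminal_identity}
        return sign_report(report, self.validation_key)

    def report_to(self, server: ValidationServer) -> bool:
        """Claims 8/15: send the signed report; on a positive ack, store the IMSI as recorded."""
        if not self.needs_report():
            return True
        ack = server.receive_report(self.build_signed_report())
        if ack:
            self.recorded_user_identity = self.current_user_identity
        return ack


def run_scenario() -> dict:
    """End-to-end walk-through with the constructed values; returns the observable outcomes."""
    server = ValidationServer()
    server.provision_key(SAMPLE_IMEI, VENDOR_KEY)
    genuine = AccessTerminal(SAMPLE_IMEI, VENDOR_KEY)
    genuine.insert_user_identity_module(SAMPLE_IMSI)
    first_ack = genuine.report_to(server)
    repeat_needed = genuine.needs_report()     # False once the pairing is recorded
    # A report whose IMSI field was altered after signing fails verification.
    tampered = genuine.build_signed_report()
    tampered["report"]["user_identity"] = "310150000000000"
    tampered_ack = server.receive_report(tampered)
    # A device asserting the same IMEI without the vendor key: nothing is recorded, so a lookup is "unauthorized".
    other = AccessTerminal(SAMPLE_IMEI, b"constructed-wrong-key")
    other.insert_user_identity_module("310150999999999")
    other_ack = other.report_to(server)
    return {"first_ack": first_ack, "repeat_needed": repeat_needed, "tampered_ack": tampered_ack,
            "genuine_pair": server.validate(SAMPLE_IMSI, SAMPLE_IMEI), "other_ack": other_ack,
            "other_pair": server.validate("310150999999999", SAMPLE_IMEI)}
```

Calling run_scenario() returns the acknowledgements each report received and the answers a network entity would get for the genuine and the unverified (IMSI, IMEI) pairs.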

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN2010101315142A CN102196438A (en) 2010-03-16 2010-03-16 Communication terminal identifier management methods and device
CN20100131514.2 2010-03-16
CN201010131514 2010-03-16
PCT/CN2011/071855 WO2011113355A1 (en) 2010-03-16 2011-03-16 Facilitating authentication of access terminal identity

Publications (2)

Publication Number Publication Date
US20130036223A1 US20130036223A1 (en) 2013-02-07
US9578498B2 true US9578498B2 (en) 2017-02-21

Family

ID=44603675

Family Applications (1)

Application Number Title Priority Date Filing Date
US13/577,888 Expired - Fee Related US9578498B2 (en) 2010-03-16 2011-03-16 Facilitating authentication of access terminal identity

Country Status (6)

Country Link
US (1) US9578498B2 (en)
EP (1) EP2548390B1 (en)
JP (1) JP5629788B2 (en)
KR (1) KR101487074B1 (en)
CN (2) CN102196438A (en)
WO (1) WO2011113355A1 (en)


Patent Citations (84)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1183202A (en) 1995-05-04 1998-05-27 诺基亚电信公司 Checking the access right of a subscriber equipment
WO1996035304A1 (en) 1995-05-04 1996-11-07 Nokia Telecommunications Oy Checking the access right of a subscriber equipment
WO1996036194A1 (en) 1995-05-12 1996-11-14 Nokia Telecommunications Oy Checking the access right of a subscriber equipment
WO1997043866A2 (en) 1996-05-13 1997-11-20 Telefonaktiebolaget Lm Ericsson (Publ) A method and a device for identifying a user of a mobile telephone
CN1225226A (en) 1996-05-13 1999-08-04 艾利森电话股份有限公司 A method and a device for identifying a user of a mobile telephone
JP2000510303A (en) 1996-05-13 2000-08-08 テレフオンアクチーボラゲツト エル エム エリクソン(パブル) Method and apparatus for mobile phone management
CN1231108A (en) 1996-09-17 1999-10-06 诺基亚电信公司 Preventing misuse of copied subscriber identity in mobile communication system
US7203836B1 (en) 1997-07-10 2007-04-10 T-Mobile Deutschland Gmbh Method and device for the mutual authentication of components in a network using the challenge-response method
US6408175B1 (en) 1998-03-03 2002-06-18 Lg Information & Communications Ltd. Method of managing mobile station operational parameters
US6804506B1 (en) 1998-03-19 2004-10-12 Siemens Aktiengesellschaft Method mobile station and radiocommunication system for controlling safety related functions in communication handling
US20070010242A1 (en) 1999-09-17 2007-01-11 Lioudmila Blants Control system for setting up a short distance second data transmitting connection to a wireless communication device in order to send an identification message
US6826690B1 (en) 1999-11-08 2004-11-30 International Business Machines Corporation Using device certificates for automated authentication of communicating devices
WO2001043108A1 (en) 1999-12-08 2001-06-14 Sanyo Electric Co., Ltd. Key control system and key control method
WO2001049058A1 (en) 1999-12-27 2001-07-05 Mitsubishi Denki Kabushiki Kaisha Radio communication device and radio communication method
US20040111616A1 (en) 2000-05-26 2004-06-10 Wael Adi Method for cryptographically verifiable identification of a physical unit in a public, wireless telecommunications network
JP2003535497A (en) 2000-05-26 2003-11-25 ローベルト ボツシユ ゲゼルシヤフト ミツト ベシユレンクテル ハフツング Cryptographically checkable identification method of physical units in public wireless telecommunications networks
US20020073229A1 (en) 2000-10-19 2002-06-13 Morihiko Hayashi Wireless data transmitting and receiving system, server device, and server device controlling method
US20020091933A1 (en) 2001-01-05 2002-07-11 Quick Roy F. Local Authentication in a communication system
US20080301776A1 (en) 2001-02-14 2008-12-04 Weatherford Sidney L System method for providing secure access to a communications network
JP2002345041A (en) 2001-05-21 2002-11-29 Mitsubishi Electric Corp Method for registering secret information in subscriber terminal
US7779267B2 (en) 2001-09-04 2010-08-17 Hewlett-Packard Development Company, L.P. Method and apparatus for using a secret in a distributed computing system
JP2004035538A (en) 2002-03-12 2004-02-05 Unilever Nv Method for promoting beauty/whiteness of skin
US20040180657A1 (en) 2002-06-24 2004-09-16 Toshiba America Research Inc. (Tari) Authenticating multiple devices simultaneously using a single wireless subscriber identity module
JP2004297138A (en) 2003-03-25 2004-10-21 Ntt Docomo Inc Authentication system and communication terminal
JP2005078220A (en) 2003-08-28 2005-03-24 Matsushita Electric Ind Co Ltd Information processor and system and method for providing service
US7325133B2 (en) 2003-10-07 2008-01-29 Koolspan, Inc. Mass subscriber management
US20080295159A1 (en) 2003-11-07 2008-11-27 Mauro Sentinelli Method and System for the Authentication of a User of a Data Processing System
US20070142086A1 (en) 2003-12-19 2007-06-21 Gemplus Method of securing a mobile telephone identifier and corresponding mobile telephone
CN1684411A (en) 2004-04-13 2005-10-19 华为技术有限公司 Method for verifying user's legitimate of mobile terminal
CN1719919A (en) 2004-07-09 2006-01-11 上海迪比特实业有限公司 Method for obtaining mobile phone user information
US20060120531A1 (en) 2004-09-08 2006-06-08 Qualcomm Incorporated Bootstrapping authentication using distinguished random challenges
US20060089123A1 (en) 2004-10-22 2006-04-27 Frank Edward H Use of information on smartcards for authentication and encryption
US7769175B2 (en) 2004-11-24 2010-08-03 Research In Motion Limited System and method for initiation of a security update
JP2008527905A (en) 2005-01-11 2008-07-24 エンキャップ エーエス Security code generation method, method using security code generation method, and programmable apparatus for security code generation method
US7966000B2 (en) 2005-02-04 2011-06-21 Qualcomm Incorporated Secure bootstrapping for wireless communications
JP2006245831A (en) 2005-03-01 2006-09-14 Nippon Telegr & Teleph Corp <Ntt> Communication method, communication system, authentication server and mobile
US20060206710A1 (en) 2005-03-11 2006-09-14 Christian Gehrmann Network assisted terminal to SIM/UICC key establishment
US20060236369A1 (en) 2005-03-24 2006-10-19 Covington Michael J Method, apparatus and system for enforcing access control policies using contextual attributes
US20060291422A1 (en) 2005-06-27 2006-12-28 Nokia Corporation Mobility management in a communication system of at least two communication networks
EP1739903A1 (en) 2005-07-02 2007-01-03 Samsung Electronics Co., Ltd. Authentication system and method thereof in a communication system
KR20070003484A (en) 2005-07-02 2007-01-05 삼성전자주식회사 System and method for authenticating using twice extensible authentication protocol scheme in a broadband wireless access communication system
US20070016780A1 (en) 2005-07-02 2007-01-18 Samsung Electronics Co., Ltd. Authentication system and method thereof in a communication system
US20100317405A1 (en) 2005-08-01 2010-12-16 Ubiquisys Limited Self-configuring cellular basestation
CN1921661A (en) 2005-08-24 2007-02-28 乐金电子(中国)研究开发中心有限公司 GSM terminal authentication processing method
CN101026453A (en) 2006-02-23 2007-08-29 华为技术有限公司 General authority identifying system and method for accessing its network business application
JP2007281861A (en) 2006-04-06 2007-10-25 Nec Corp Terminal authentication method and mobile terminal device
CN101056456A (en) 2006-04-10 2007-10-17 华为技术有限公司 Method and secure system for authenticating the radio evolution network
WO2007121190A2 (en) 2006-04-11 2007-10-25 Qualcomm Incorporated Method and apparatus for binding multiple authentications
US20100031366A1 (en) * 2006-05-05 2010-02-04 Omnifone Limited Method of Providing Digital Rights Management for Music Content by Means of a Flat-Rate Subscription
JP2007336219A (en) 2006-06-14 2007-12-27 Ntt Docomo Inc Subscriber authentication module
US20080003980A1 (en) * 2006-06-30 2008-01-03 Motorola, Inc. Subsidy-controlled handset device via a sim card using asymmetric verification and method thereof
CN101018174A (en) 2007-03-15 2007-08-15 北京安拓思科技有限责任公司 Network system and method for obtaining the public key certificate for WAPI
US20100313024A1 (en) 2007-05-16 2010-12-09 Panasonic Corporation Methods in Mixed Network and Host-Based Mobility Management
WO2009029156A1 (en) 2007-09-01 2009-03-05 Apple Inc. Service provider activation
US20090075584A1 (en) 2007-09-17 2009-03-19 Samsung Electronics Co. Ltd. Mobile broadcasting system and method for transmitting and receiving broadcast service therefor
CN101448257A (en) 2007-11-28 2009-06-03 陈静 Control system for validating user terminal and control method thereof
US20110122813A1 (en) * 2007-12-18 2011-05-26 Chong-Youn Choe Method and system for preventing use of stolen terminal through forced location re-registration
US20090172798A1 (en) 2007-12-28 2009-07-02 Motorola, Inc. Wireless device authentication using digital certificates
KR20100106543A (en) 2007-12-28 2010-10-01 모토로라 인코포레이티드 Wireless device authentication using digital certificates
US20090217039A1 (en) 2008-02-05 2009-08-27 Sipera Systems, Inc. System, Method and Apparatus for Authenticating Calls
JP2009188765A (en) 2008-02-06 2009-08-20 Ntt Docomo Inc Wireless terminal, and wireless communication method
US20090227234A1 (en) 2008-03-04 2009-09-10 Alcatel-Lucent Usa Inc. System and method for securing a base station using sim cards
US20090239503A1 (en) 2008-03-20 2009-09-24 Bernard Smeets System and Method for Securely Issuing Subscription Credentials to Communication Devices
US20090249069A1 (en) 2008-03-26 2009-10-01 Vasilios Daskalopoulos Credential generation system and method for communications devices and device management servers
US20090258631A1 (en) 2008-04-14 2009-10-15 Nokia Corporation Mobility related control signalling authentication in mobile communications system
US20090282256A1 (en) * 2008-05-12 2009-11-12 Sony Ericsson Mobile Communications Ab Secure push messages
JP2009278388A (en) 2008-05-14 2009-11-26 National Institute Of Information & Communication Technology Communication terminal device, management device, communication method, management method, and computer program
WO2010039445A2 (en) 2008-10-02 2010-04-08 Motorola, Inc. Method, mobile station, system and network processor for use in mobile communications
US20110086616A1 (en) * 2008-12-03 2011-04-14 Entersect Technologies (Pty) Ltd Secure Transaction Authentication
US20100167740A1 (en) 2008-12-30 2010-07-01 Motorola, Inc. Wide area mobile communications over femto-cells
US20110271330A1 (en) 2008-12-31 2011-11-03 Nokia (China) Investment Co. Ltd. Solutions for identifying legal user equipments in a communication network
US20140128025A1 (en) * 2009-01-28 2014-05-08 Headwater Partners I Llc Device assisted services install
US20110010543A1 (en) 2009-03-06 2011-01-13 Interdigital Patent Holdings, Inc. Platform validation and management of wireless devices
US20100278141A1 (en) * 2009-05-01 2010-11-04 At&T Mobility Ii Llc Access control for macrocell to femtocell handover
US20100311419A1 (en) 2009-06-04 2010-12-09 Motorola, Inc. Mobility Management Entity Tracking for Group Mobility in Wireless Communication Network
EP2291015A1 (en) 2009-08-31 2011-03-02 Gemalto SA A method for communicating data between a secure element and a network access point and a corresponding secure element
US20110219427A1 (en) * 2010-03-04 2011-09-08 RSSBus, Inc. Smart Device User Authentication
US8645699B2 (en) 2010-03-15 2014-02-04 Blackberry Limited Use of certificate authority to control a device's access to services
US8566926B1 (en) 2010-03-18 2013-10-22 Sprint Communications Company L.P. Mobility protocol selection by an authorization system
US20110314287A1 (en) 2010-06-16 2011-12-22 Qualcomm Incorporated Method and apparatus for binding subscriber authentication and device authentication in communication systems
CN101945386A (en) 2010-09-10 2011-01-12 中兴通讯股份有限公司 Method and system for implementing synchronous binding of safe secret keys
US20120100832A1 (en) 2010-10-22 2012-04-26 Qualcomm Incorporated Authentication of access terminal identities in roaming networks
US20120144202A1 (en) 2010-12-06 2012-06-07 Verizon Patent And Licensing Inc. Secure authentication for client application access to protected resources
US20120233685A1 (en) 2011-03-09 2012-09-13 Qualcomm Incorporated Method for authentication of a remote station using a secure element

Non-Patent Citations (9)

Title
3GPP: "3rd Generation Partnership Project; Technical Specification Group Service and Systems Aspects: Security of H(e)NB; (Release 8)", 3GPP TR 33.820 V8.3.0, vol. 33.820, No. V8.3.0, Dec. 1, 2009 (Dec. 1, 2009), pp. 1-99, XP002650893, Retrieved from the Internet: URL:http://www.quintillion.co.jp/3GPP/Specs/33820-830.pdf, Sections 6 and 7.
Calhoun P., et al., "Diameter Base Protocol RFC 3588", Internet Engineering Task Force (IETF), Sep. 2003 (Sep. 2003), XP015009370.
Chen, et al., "A Secure Relay-Assisted Handover Protocol for Proxy Mobile IPv6 in 3GPP LTE Networks", Wireless Personal Communications, 2010.
Eronen P., et al., "Diameter Extensible Authentication RFC 4072", Internet Engineering Task Force (IETF) Aug. 2005 (Aug. 2005), XP015041927.
Funk P., et al., "Extensible Authentication Protocol Tunneled Transport Layer Security Authenticated Protocol Version 0 (EAP-TTLSv0); RFC 5281", Internet Engineering Task Force (IETF), Aug. 2008 (Aug. 2008), XP015060268.
International Search Report and Written Opinion, PCT/CN2011/071855, ISA/EPO, Jun. 30, 2011.
International Search Report and Written Opinion, PCT/US2012/028611, ISA/EPO, May 23, 2012.
Menezes A J., et al., Handbook of Applied Cryptography, CRC Press, 1997, pp. 403-405.
Simon D., et al., "The EAP-TLS Authentication Protocol; RFC 5216", Internet Engineering Task Force (IETF), Mar. 1, 2008 (Mar. 1, 2008), XP015055258.

Also Published As

Publication number Publication date
CN102196438A (en) 2011-09-21
CN102835137B (en) 2016-10-05
EP2548390B1 (en) 2018-10-24
WO2011113355A1 (en) 2011-09-22
US20130036223A1 (en) 2013-02-07
JP5629788B2 (en) 2014-11-26
EP2548390A4 (en) 2017-03-29
EP2548390A1 (en) 2013-01-23
KR101487074B1 (en) 2015-01-28
CN102835137A (en) 2012-12-19
JP2013522989A (en) 2013-06-13
KR20120139803A (en) 2012-12-27

Similar Documents

Publication Publication Date Title
US9578498B2 (en) Facilitating authentication of access terminal identity
KR101536489B1 (en) Authentication of access terminal identities in roaming networks
US9185559B2 (en) Method and apparatus for network personalization of subscriber devices
US20060039564A1 (en) Security for device management and firmware updates in an operator network
US10506439B2 (en) Secure control of profile policy rules
US7502607B2 (en) Method for producing authentication information
EP3485624B1 (en) Operation related to user equipment using secret identifier
AU2003247574A1 (en) Authentication in a communication system
US10397001B2 (en) Secure mechanism for subsidy lock enforcement
JP2007511122A (en) How to manage application security with security modules
CN102318386A (en) Service-based authentication to a network
WO2013185709A1 (en) Call authentication method, device, and system
EP3550765B1 (en) Service provisioning
US9747432B1 (en) Remotely enabling a disabled user interface of a wireless communication device
WO2011029296A1 (en) System and method for providing machine-to-machine equipment with machine communication identity module
KR20160143337A (en) System and Method for Double Certification by using Double Channel

Legal Events

Date Code Title Description
AS Assignment

Owner name: QUALCOMM INCORPORATED, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:DU, ZHIMIN;LI, YAN;SIGNING DATES FROM 20120813 TO 20120816;REEL/FRAME:029853/0104

STCF Information on status: patent grant

Free format text: PATENTED CASE

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

LAPS Lapse for failure to pay maintenance fees

Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20210221